dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update doc

Browse Source
This commit is contained in:
Xavier Guimard 2017-03-30 05:08:56 +00:00
parent 10f9249961
commit 2df81aaa1d
40 changed files with 736 additions and 781 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
doc/pages/documentation/current/applications.html
View File

@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:applications</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="applications.html"/>

2
doc/pages/documentation/current/applications/adfs.html
View File

@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:applications:adfs</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,adfs"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="adfs.html"/>

4
doc/pages/documentation/current/applications/img/icons.png
View File

@ -90,7 +90,7 @@
<form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
<ul class="nav navbar-nav">
<li><a href="/documentation/2.0/applications/img/icons.png?do=login&amp;sectok=378132ea54accc5c67c7c9ceda71bf59" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
<li><a href="/documentation/2.0/applications/img/icons.png?do=login&amp;sectok=62a29c35a267f658799e362598e991b4" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
</div>
@ -204,7 +204,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
</div><!-- /site -->
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aicons.png&amp;1489508242" width="2" height="1" alt="" /></div>
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aicons.png&amp;1490850178" width="2" height="1" alt="" /></div>
<div id="screen__mode" class="no">
<span class="visible-xs"></span>
<span class="visible-sm"></span>

4
doc/pages/documentation/current/applications/img/loader.gif
View File

@ -90,7 +90,7 @@
<form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
<ul class="nav navbar-nav">
<li><a href="/documentation/2.0/applications/img/loader.gif?do=login&amp;sectok=378132ea54accc5c67c7c9ceda71bf59" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
<li><a href="/documentation/2.0/applications/img/loader.gif?do=login&amp;sectok=62a29c35a267f658799e362598e991b4" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
</div>
@ -204,7 +204,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
</div><!-- /site -->
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aloader.gif&amp;1489508242" width="2" height="1" alt="" /></div>
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aloader.gif&amp;1490850178" width="2" height="1" alt="" /></div>
<div id="screen__mode" class="no">
<span class="visible-xs"></span>
<span class="visible-sm"></span>

60
doc/pages/documentation/current/authcombination.html
View File

@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:authcombination</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,authcombination"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authcombination.html"/>
@ -60,6 +60,8 @@
<li class="level3"><div class="li"><a href="#let_s_be_crazy">Let&#039;s be crazy</a></div></li>
</ul>
</li>
<li class="level2"><div class="li"><a href="#combine_second_factor">Combine second factor</a></div></li>
<li class="level2"><div class="li"><a href="#display_multiple_forms">Display multiple forms</a></div></li>
</ul>
</li>
<li class="level1"><div class="li"><a href="#known_problems">Known problems</a></div>
@ -268,18 +270,54 @@ The following rule is valid:
</div>
<!-- EDIT7 SECTION "Rule chain" [1304-3610] -->
<h2 class="sectionedit11" id="known_problems">Known problems</h2>
<h3 class="sectionedit11" id="combine_second_factor">Combine second factor</h3>
<div class="level3">
<p>
Imagine you want to authenticate users either by SSL or LDAP+U2F, you can&#039;t directly write this rule: this is done in 2 steps:
</p>
<ul>
<li class="level1"><div class="li"> use this combination rule: <code>[SSL,LDAP] or [LDAP]</code></div>
</li>
<li class="level1"><div class="li"> enable U2F with this rule: <code>$_auth eq “LDAP”</code> or <code>$_authenticationLevel &lt; 4</code> <em>(and adapt U2F authentication level)</em></div>
</li>
</ul>
<p>
Now if you want to authenticate users either by LDAP or LDAP+U2F <em>(to have 2 different authentication level)</em>, 2 possibilities:
</p>
<ul>
<li class="level1"><div class="li"> configure 2 portals and overwrite U2F activation in the second</div>
</li>
<li class="level1"><div class="li"> Modify login template to propose the choice <em>(add a “submit” button that points to the second portal)</em></div>
</li>
</ul>
</div>
<!-- EDIT11 SECTION "Combine second factor" [3611-4260] -->
<h3 class="sectionedit12" id="display_multiple_forms">Display multiple forms</h3>
<div class="level3">
<p>
Combination module returns the form corresponding to the first authentication scheme available for the current request. You can force it to display the forms chosen using <code>combinationForms</code> in lemonldap-ng.ini. Example:
</p>
<pre class="code :ini"><span class="re0"><span class="br0">&#91;</span>portal<span class="br0">&#93;</span></span>
<span class="re1">combinationForms</span> <span class="sy0">=</span><span class="re2"> standardform, openidform</span></pre>
</div>
<!-- EDIT12 SECTION "Display multiple forms" [4261-4589] -->
<h2 class="sectionedit13" id="known_problems">Known problems</h2>
<div class="level2">
</div>
<!-- EDIT11 SECTION "Known problems" [3611-3638] -->
<h3 class="sectionedit12" id="federation_protocols">Federation protocols</h3>
<!-- EDIT13 SECTION "Known problems" [4590-4617] -->
<h3 class="sectionedit14" id="federation_protocols">Federation protocols</h3>
<div class="level3">
<p>
<a href="authsaml.html" class="wikilink1" title="documentation:2.0:authsaml">SAML</a>, <a href="authopenidconnect.html" class="wikilink1" title="documentation:2.0:authopenidconnect">OpenID-Connect</a>, <a href="authcas.html" class="wikilink1" title="documentation:2.0:authcas">CAS</a> or <a href="authopenid.html" class="wikilink1" title="documentation:2.0:authopenid">old OpenID</a> can&#039;t be chained with a “and” for authentication part. So “[<abbr title="Security Assertion Markup Language">SAML</abbr>] and [LDAP]” isn&#039;t valid. This is because their authentication kinematic don&#039;t use the same steps.
</p>
<div class="table sectionedit13"><table class="inline table table-bordered table-striped">
<div class="table sectionedit15"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Bad expression </th><th class="col1 centeralign"> Solution </th><th class="col2 centeralign"> Explanation </th>
@ -292,10 +330,10 @@ The following rule is valid:
<td class="col0"> <em><code>[<abbr title="Security Assertion Markup Language">SAML</abbr>] and [LDAP] or [LDAP]</code></em> </td><td class="col1"> <code>[<abbr title="Security Assertion Markup Language">SAML</abbr>, <abbr title="Security Assertion Markup Language">SAML</abbr> and LDAP] or [LDAP]</code> </td><td class="col2"> Authentication is done by <abbr title="Security Assertion Markup Language">SAML</abbr> or LDAP but user must match an LDAP entry </td>
</tr>
</table></div>
<!-- EDIT13 TABLE [3938-4270] -->
<!-- EDIT15 TABLE [4917-5249] -->
</div>
<!-- EDIT12 SECTION "Federation protocols" [3639-4271] -->
<h3 class="sectionedit14" id="authapache_authentication">AuthApache authentication</h3>
<!-- EDIT14 SECTION "Federation protocols" [4618-5250] -->
<h3 class="sectionedit16" id="authapache_authentication">AuthApache authentication</h3>
<div class="level3">
<p>
@ -311,8 +349,8 @@ To bypass this, follow the documentation of <a href="authapache.html" class="wik
</p>
</div>
<!-- EDIT14 SECTION "AuthApache authentication" [4272-4688] -->
<h3 class="sectionedit15" id="ssl_authentication">SSL authentication</h3>
<!-- EDIT16 SECTION "AuthApache authentication" [5251-5667] -->
<h3 class="sectionedit17" id="ssl_authentication">SSL authentication</h3>
<div class="level3">
<p>
@ -320,6 +358,6 @@ To chain SSL, you have to set “SSLRequire optional” in Apache configuration,
</p>
</div>
<!-- EDIT15 SECTION "SSL authentication" [4689-] --></div>
<!-- EDIT17 SECTION "SSL authentication" [5668-] --></div>
</body>
</html>

2
doc/pages/documentation/current/authopenidconnect.html
View File

@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:authopenidconnect</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authopenidconnect"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authopenidconnect.html"/>

2
doc/pages/documentation/current/authpam.html
View File

@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:authpam</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authpam"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authpam.html"/>

16
doc/pages/documentation/current/configvhost.html
View File

@ -217,6 +217,8 @@ Then you can take any virtual host and modify it:
auth_request /lmauth;
auth_request_set $lmremote_user $upstream_http_lm_remote_user;
auth_request_set $lmlocation $upstream_http_location;
auth_request_set $cookie_value $upstream_http_set_cookie;
add_header Set-Cookie $cookie_value;
error_page 401 $lmlocation;
try_files $uri $uri/ =404;
&nbsp;
@ -251,7 +253,7 @@ Then you can take any virtual host and modify it:
}</pre>
</div>
<!-- EDIT6 SECTION "Nginx configuration" [3049-4833] -->
<!-- EDIT6 SECTION "Nginx configuration" [3049-4936] -->
<h3 class="sectionedit7" id="hosted_application1">Hosted application</h3>
<div class="level3">
@ -310,7 +312,7 @@ server {
}</pre>
</div>
<!-- EDIT7 SECTION "Hosted application" [4834-6463] -->
<!-- EDIT7 SECTION "Hosted application" [4937-6566] -->
<h3 class="sectionedit8" id="reverse_proxy1">Reverse proxy</h3>
<div class="level3">
@ -361,7 +363,7 @@ server {
}</pre>
</div>
<!-- EDIT8 SECTION "Reverse proxy" [6464-7758] -->
<!-- EDIT8 SECTION "Reverse proxy" [6567-7861] -->
<h2 class="sectionedit9" id="lemonldapng_configuration">LemonLDAP::NG configuration</h2>
<div class="level2">
@ -388,7 +390,7 @@ A virtual host contains:
</ul>
</div>
<!-- EDIT9 SECTION "LemonLDAP::NG configuration" [7759-8246] -->
<!-- EDIT9 SECTION "LemonLDAP::NG configuration" [7862-8349] -->
<h3 class="sectionedit10" id="access_rules_and_http_headers">Access rules and HTTP headers</h3>
<div class="level3">
@ -397,7 +399,7 @@ See <strong><a href="writingrulesand_headers.html" class="wikilink1" title="docu
</p>
</div>
<!-- EDIT10 SECTION "Access rules and HTTP headers" [8247-8439] -->
<!-- EDIT10 SECTION "Access rules and HTTP headers" [8350-8542] -->
<h3 class="sectionedit11" id="post_data">POST data</h3>
<div class="level3">
@ -406,7 +408,7 @@ See <strong><a href="formreplay.html" class="wikilink1" title="documentation:2.0
</p>
</div>
<!-- EDIT11 SECTION "POST data" [8440-8574] -->
<!-- EDIT11 SECTION "POST data" [8543-8677] -->
<h3 class="sectionedit12" id="options">Options</h3>
<div class="level3">
@ -427,6 +429,6 @@ These options are used to build redirection <abbr title="Uniform Resource Locato
</p>
</div>
<!-- EDIT12 SECTION "Options" [8575-] --></div>
<!-- EDIT12 SECTION "Options" [8678-] --></div>
</body>
</html>

27
doc/pages/documentation/current/customfunctions.html
View File

@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:customfunctions</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,customfunctions"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="customfunctions.html"/>
@ -86,30 +86,21 @@ Create your Perl module with custom functions. You can name your module as you w
<pre class="code file perl"><a href="http://perldoc.perl.org/functions/package.html"><span class="kw3">package</span></a> SSOExtensions<span class="sy0">;</span>
&nbsp;
<span class="kw2">sub</span> function1 <span class="br0">&#123;</span>
<span class="kw1">my</span> <span class="re0">$url</span> <span class="sy0">=</span> <a href="http://perldoc.perl.org/functions/shift.html"><span class="kw3">shift</span></a><span class="sy0">;</span>
<span class="kw1">my</span> <span class="re0">$param</span> <span class="sy0">=</span> <a href="http://perldoc.perl.org/functions/shift.html"><span class="kw3">shift</span></a><span class="sy0">;</span>
<span class="kw1">my</span> <span class="br0">&#40;</span><span class="re0">@args</span><span class="br0">&#41;</span> <span class="sy0">=</span> <span class="co5">@_</span><span class="sy0">;</span>
&nbsp;
<span class="co1"># Your nice code here</span>
&nbsp;
<a href="http://perldoc.perl.org/functions/return.html"><span class="kw3">return</span></a> <span class="re0">$param</span><span class="sy0">;</span>
<a href="http://perldoc.perl.org/functions/return.html"><span class="kw3">return</span></a> <span class="re0">$result</span><span class="sy0">;</span>
<span class="br0">&#125;</span>
&nbsp;
<span class="nu0">1</span><span class="sy0">;</span></pre>
<div class="notetip">First parameter passed to the custom function is the requested <abbr title="Uniform Resource Locator">URL</abbr>, that is<ul>
<li class="level1"><div class="li"> <strong>portal full <abbr title="Uniform Resource Locator">URL</abbr></strong> if custom function is run by portal (e.g. <a href="https://auth.example.com/" class="urlextern" title="https://auth.example.com/" rel="nofollow">https://auth.example.com/</a>)</div>
</li>
<li class="level1"><div class="li"> <strong>absolute <abbr title="Uniform Resource Locator">URL</abbr></strong> if it is run by handler (e.g. /admin/index.php?param=foo).</div>
</li>
</ul>
</div>
</div>
<!-- EDIT2 SECTION "Write custom functions library" [220-844] -->
<!-- EDIT2 SECTION "Write custom functions library" [220-554] -->
<h2 class="sectionedit3" id="import_custom_functions_in_lemonldapng">Import custom functions in LemonLDAP::NG</h2>
<div class="level2">
</div>
<!-- EDIT3 SECTION "Import custom functions in LemonLDAP::NG" [845-898] -->
<!-- EDIT3 SECTION "Import custom functions in LemonLDAP::NG" [555-608] -->
<h3 class="sectionedit4" id="declare_module_in_handler_server">Declare module in handler server</h3>
<div class="level3">
@ -151,7 +142,7 @@ GROUP=www-data
CUSTOM_FUNCTIONS_FILE=/root/SSOExtensions.pm</pre>
</div>
<!-- EDIT4 SECTION "Declare module in handler server" [899-1833] -->
<!-- EDIT4 SECTION "Declare module in handler server" [609-1543] -->
<h3 class="sectionedit5" id="declare_custom_functions">Declare custom functions</h3>
<div class="level3">
@ -162,16 +153,16 @@ Go in Manager, <code>General Parameters</code> » <code>Advanced Parameters</cod
<div class="noteimportant">If your function is not compliant with <a href="safejail.html" class="wikilink1" title="documentation:2.0:safejail">Safe jail</a>, you will need to disable the jail.
</div>
</div>
<!-- EDIT5 SECTION "Declare custom functions" [1834-2130] -->
<!-- EDIT5 SECTION "Declare custom functions" [1544-1840] -->
<h2 class="sectionedit6" id="use_it">Use it</h2>
<div class="level2">
<p>
You can now use your function in a macro, an header or an access rule, for example:
</p>
<pre class="code">Custom-Header =&gt; function1($uid)</pre>
<pre class="code">Custom-Header =&gt; function1( $uid, $ENV{REMOTE_ADDR} )</pre>
</div>
<!-- EDIT6 SECTION "Use it" [2131-] --></div>
<!-- EDIT6 SECTION "Use it" [1841-] --></div>
</body>
</html>

41
doc/pages/documentation/current/extendedfunctions.html
View File

@ -62,6 +62,7 @@
<li class="level2"><div class="li"><a href="#groupmatch">groupMatch</a></div></li>
<li class="level2"><div class="li"><a href="#encrypt">encrypt</a></div></li>
<li class="level2"><div class="li"><a href="#token">token</a></div></li>
<li class="level2"><div class="li"><a href="#isinnet6">isInNet6</a></div></li>
</ul></li>
</ul>
</div>
@ -126,13 +127,19 @@ Inside this jail, you can access to:
</li>
<li class="level2"><div class="li"> <a href="#groupmatch" title="documentation:2.0:extendedfunctions ↵" class="wikilink1">groupMatch</a></div>
</li>
<li class="level2"><div class="li"> <a href="#encrypt" title="documentation:2.0:extendedfunctions ↵" class="wikilink1">encrypt</a></div>
</li>
<li class="level2"><div class="li"> <a href="#token" title="documentation:2.0:extendedfunctions ↵" class="wikilink1">token</a></div>
</li>
<li class="level2"><div class="li"> <a href="#isinnet6" title="documentation:2.0:extendedfunctions ↵" class="wikilink1">isInNet6</a></div>
</li>
</ul>
</li>
</ul>
<div class="notetip">To know more about the jail, check <a href="http://perldoc.perl.org/Safe.html" class="urlextern" title="http://perldoc.perl.org/Safe.html" rel="nofollow">Safe module documentation</a>.
</div>
</div>
<!-- EDIT2 SECTION "Presentation" [35-1192] -->
<!-- EDIT2 SECTION "Presentation" [35-1271] -->
<h2 class="sectionedit3" id="request_information">Request information</h2>
<div class="level2">
@ -159,12 +166,12 @@ The following data about the current request are available through functions :
</ul>
</div>
<!-- EDIT3 SECTION "Request information" [1193-1598] -->
<!-- EDIT3 SECTION "Request information" [1272-1677] -->
<h2 class="sectionedit4" id="extended_functions_list">Extended Functions List</h2>
<div class="level2">
</div>
<!-- EDIT4 SECTION "Extended Functions List" [1599-1635] -->
<!-- EDIT4 SECTION "Extended Functions List" [1678-1714] -->
<h3 class="sectionedit5" id="date">date</h3>
<div class="level3">
@ -174,7 +181,7 @@ Returns the date, in format YYYYMMDDHHMMSS, local time by default, GMT by callin
<pre class="code">date(1)</pre>
</div>
<!-- EDIT5 SECTION "date" [1636-1755] -->
<!-- EDIT5 SECTION "date" [1715-1834] -->
<h3 class="sectionedit6" id="checklogonhours">checkLogonHours</h3>
<div class="level3">
@ -231,7 +238,7 @@ You can modify the default behavior for people without value in ssoLogonHours. I
<pre class="code">checkLogonHours($ssoLogonHours, &#039;&#039;, &#039;&#039;, &#039;1&#039;)</pre>
</div>
<!-- EDIT6 SECTION "checkLogonHours" [1756-3693] -->
<!-- EDIT6 SECTION "checkLogonHours" [1835-3772] -->
<h3 class="sectionedit7" id="checkdate">checkDate</h3>
<div class="level3">
@ -263,7 +270,7 @@ Simple usage example:
<pre class="code">checkDate($ssoStartDate, $ssoEndDate)</pre>
</div>
<!-- EDIT7 SECTION "checkDate" [3694-4321] -->
<!-- EDIT7 SECTION "checkDate" [3773-4400] -->
<h3 class="sectionedit8" id="basic">basic</h3>
<div class="level3">
<div class="noteimportant">This function is not compliant with <a href="safejail.html" class="wikilink1" title="documentation:2.0:safejail">Safe jail</a>, you will need to disable the jail to use it.
@ -288,7 +295,7 @@ Simple usage example:
<pre class="code">basic($uid,$_password)</pre>
</div>
<!-- EDIT8 SECTION "basic" [4322-4784] -->
<!-- EDIT8 SECTION "basic" [4401-4863] -->
<h3 class="sectionedit9" id="unicode2iso">unicode2iso</h3>
<div class="level3">
<div class="noteimportant">This function is not compliant with <a href="safejail.html" class="wikilink1" title="documentation:2.0:safejail">Safe jail</a>, you will need to disable the jail to use it.
@ -311,7 +318,7 @@ Simple usage example:
<pre class="code">unicode2iso($name)</pre>
</div>
<!-- EDIT9 SECTION "unicode2iso" [4785-5089] -->
<!-- EDIT9 SECTION "unicode2iso" [4864-5168] -->
<h3 class="sectionedit10" id="iso2unicode">iso2unicode</h3>
<div class="level3">
<div class="noteimportant">This function is not compliant with <a href="safejail.html" class="wikilink1" title="documentation:2.0:safejail">Safe jail</a>, you will need to disable the jail to use it.
@ -334,7 +341,7 @@ Simple usage example:
<pre class="code">iso2unicode($name)</pre>
</div>
<!-- EDIT10 SECTION "iso2unicode" [5090-5394] -->
<!-- EDIT10 SECTION "iso2unicode" [5169-5473] -->
<h3 class="sectionedit11" id="groupmatch">groupMatch</h3>
<div class="level3">
@ -360,7 +367,7 @@ Simple usage example:
<pre class="code">groupMatch($hGroups, &#039;description&#039;, &#039;Service 1&#039;)</pre>
</div>
<!-- EDIT11 SECTION "groupMatch" [5395-5753] -->
<!-- EDIT11 SECTION "groupMatch" [5474-5832] -->
<h3 class="sectionedit12" id="encrypt">encrypt</h3>
<div class="level3">
<div class="notetip">Since version 2.0, this function is now compliant with <a href="safejail.html" class="wikilink1" title="documentation:2.0:safejail">Safe jail</a>.
@ -371,7 +378,7 @@ This function uses the secret key of LLNG configuration to crypt a data. This ca
<pre class="code">encrypt($_whatToTrace)</pre>
</div>
<!-- EDIT12 SECTION "encrypt" [5754-6059] -->
<!-- EDIT12 SECTION "encrypt" [5833-6138] -->
<h3 class="sectionedit13" id="token">token</h3>
<div class="level3">
@ -381,6 +388,16 @@ This function generates token used to <a href="servertoserver.html" class="wikil
<pre class="code">token($_session_id,&#039;webapp1.example.com&#039;,&#039;webapp2.example.com&#039;)</pre>
</div>
<!-- EDIT13 SECTION "token" [6060-] --></div>
<!-- EDIT13 SECTION "token" [6139-6343] -->
<h3 class="sectionedit14" id="isinnet6">isInNet6</h3>
<div class="level3">
<p>
Function to check if an IPv6 address is in a subnet. Example <em>check if <abbr title="Internet Protocol">IP</abbr> address is local</em>:
</p>
<pre class="code perl">isInNet6<span class="br0">&#40;</span><span class="re0">$ipAddr</span><span class="sy0">,</span> <span class="st_h">'fe80::/10'</span><span class="br0">&#41;</span></pre>
</div>
<!-- EDIT14 SECTION "isInNet6" [6344-] --></div>
</body>
</html>

86
doc/pages/documentation/current/external2f.html Normal file
View File

@ -0,0 +1,86 @@
<!DOCTYPE html>
<html lang="en" dir="ltr">
<head>
<meta charset="utf-8" />
<title>documentation:2.0:external2f</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,external2f"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="external2f.html"/>
<link rel="contents" href="external2f.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else -->
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<!-- //endif -->
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:external2f","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script>
<!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script>
<!-- //endif -->
<!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/lib/scripts/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/lib/scripts/jquery-ui.js"></script>
<!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="external_second_factor">External Second Factor</h1>
<div class="level1">
<p>
This simple plugin can be used to add a second factor for authentication (SMS, OTP,…). It uses external commands to send and validate the second factor. You can use any language to call your 2nd factor system.
</p>
</div>
<!-- EDIT1 SECTION "External Second Factor" [1-251] -->
<h2 class="sectionedit2" id="commands">Commands</h2>
<div class="level2">
<p>
Commands received arguments on the command line and must return a 0 code if succeed, another else. <strong>Nothing must be written to STDOUT</strong>, STDERR is reported in logs <em>(but may be lost with FastCGI server)</em>.
</p>
</div>
<!-- EDIT2 SECTION "Commands" [252-483] -->
<h3 class="sectionedit3" id="configuration">Configuration</h3>
<div class="level3">
<p>
All parameters are configured in “General Parameters » Portal Parameters » Extensions » External 2nd Factor”.
</p>
<ul>
<li class="level1"><div class="li"> <strong>Activation</strong></div>
</li>
<li class="level1"><div class="li"> <strong>Send command</strong>: define your command using <em>$attribute</em> like in rules. Example: <code>/usr/local/bin/sendOtp uid $uid</code></div>
</li>
<li class="level1"><div class="li"> <strong>Validation command</strong>: you must also use <em>$code</em> which is the value entered by user; Example: <code>/usr/local/bin/verify uid $uid code $code</code></div>
</li>
<li class="level1"><div class="li"> <strong>Authentication Level</strong>: if you want to overwrite the value sent by your authentication module, you can define here the new authentication level. Example: 5</div>
</li>
</ul>
<div class="noteimportant">The command line is split in an array and launch with exec(). So you don&#039;t need to enclose arguments in “” and this protects your system against shell injection. However, you can not use any space except to separate arguments.
</div>
</div>
<!-- EDIT3 SECTION "Configuration" [484-] --></div>
</body>
</html>

15
doc/pages/documentation/current/federationproxy.html
View File

@ -62,19 +62,20 @@ So you can configure it to authenticate users using a federation protocol and si
</p>
<p>
For example, a <abbr title="LemonLDAP::NG">LL::NG</abbr> server can be:
Schemes validated:
</p>
<ul>
<li class="level1"><div class="li"> A <a href="idpcas.html" class="wikilink1" title="documentation:2.0:idpcas">CAS server</a> with <a href="authsaml.html" class="wikilink1" title="documentation:2.0:authsaml">SAML authentication</a></div>
<li class="level1"><div class="li"> <abbr title="Security Assertion Markup Language">SAML</abbr>-SP <strong></strong> LLNG as <a href="idpsaml.html" class="wikilink1" title="documentation:2.0:idpsaml">SAML</a>/<a href="authopenidconnect.html" class="wikilink1" title="documentation:2.0:authopenidconnect">OpenID-Connect</a> proxy <strong></strong> OIDC Provider</div>
</li>
<li class="level1"><div class="li"> An <a href="idpopenid.html" class="wikilink1" title="documentation:2.0:idpopenid">OpenID server</a> with <a href="authcas.html" class="wikilink1" title="documentation:2.0:authcas">CAS authentication</a></div>
</li>
<li class="level1"><div class="li"> An <a href="idpsaml.html" class="wikilink1" title="documentation:2.0:idpsaml">SAML server</a> with <a href="authopenid.html" class="wikilink1" title="documentation:2.0:authopenid">OpenID authentication</a></div>
</li>
<li class="level1"><div class="li"></div>
<li class="level1"><div class="li"> OIDC-RP <strong></strong> LLNG as <a href="idpopenidconnect.html" class="wikilink1" title="documentation:2.0:idpopenidconnect">OpenID-Connect</a>/<a href="authsaml.html" class="wikilink1" title="documentation:2.0:authsaml">SAML</a> proxy <strong></strong> <abbr title="Security Assertion Markup Language">SAML</abbr> Identity Provider</div>
</li>
</ul>
<p>
Note that OpenID-Connect consortium hasn&#039;t already defined single-logout initiated by OpenID-Connect Provider. LLNG will implement it when this standard will be published.
</p>
<div class="noteimportant">Development of federation can be complex. Don&#039;t hesitate to contact us on lemonldap-ng-users@ow2.org
</div>
<p>
See the following chapters:
</p>

18
doc/pages/documentation/current/performances.html
View File

@ -211,11 +211,15 @@ The portal is the biggest component of Lemonldap::NG. Since version 2.0, it is r
<li class="level1"><div class="li"></div>
</li>
</ul>
<p>
By default it uses local storage to store its tokens. If you have more than 1 portal and if your load-balancer doesn&#039;t keep state, you have to disable this to use the global session storage <em>(General parameters » portal Parameters » Advanced Parameters » Forms)</em>. Note that this will decrease performances.
</p>
<div class="notetip">In production environment for network performance, prefer using minified versions of javascript and css libs: use <code>make install <strong>PROD=yes</strong></code>. This is done by default in RPM/DEB packages.
</div>
</div>
<!-- EDIT7 SECTION "General performances" [3645-4198] -->
<!-- EDIT7 SECTION "General performances" [3645-4511] -->
<h3 class="sectionedit8" id="apachesession_performances">Apache::Session performances</h3>
<div class="level3">
@ -262,11 +266,11 @@ Index -&gt; ipAddr uid</pre>
<p>
Note that Apache::Session::Browseable::MySQL doesn&#039;t use MySQL locks.
</p>
<div class="notetip">A <a href="https://metacpan.org/module/Apache::Session::Browseable::Redis" class="urlextern" title="https://metacpan.org/module/Apache::Session::Browseable::Redis" rel="nofollow">Apache::Session::Browseable::Redis</a> has been created, it is the faster (except for session explorer, defeated by Apache::Session::Browseable::<a href="https://metacpan.org/module/Apache::Session::Browseable" class="urlextern" title="https://metacpan.org/module/Apache::Session::Browseable" rel="nofollow">DBI</a>/<a href="https://metacpan.org/module/Apache::Session::Browseable::LDAP" class="urlextern" title="https://metacpan.org/module/Apache::Session::Browseable::LDAP" rel="nofollow">LDAP</a> &gt;= 1.0)
<div class="notetip">A <a href="https://metacpan.org/module/Apache::Session::Browseable::Redis" class="urlextern" title="https://metacpan.org/module/Apache::Session::Browseable::Redis" rel="nofollow">Apache::Session::Browseable::Redis</a> has been created, it is the faster (except for session explorer, defeated by Apache::Session::Browseable::<a href="https://metacpan.org/module/Apache::Session::Browseable" class="urlextern" title="https://metacpan.org/module/Apache::Session::Browseable" rel="nofollow">DBI</a>/<a href="https://metacpan.org/module/Apache::Session::Browseable::LDAP" class="urlextern" title="https://metacpan.org/module/Apache::Session::Browseable::LDAP" rel="nofollow">LDAP</a> 1.0)
</div><div class="noteimportant">Some Apache::Session module are not fully usable by Lemonldap::NG such as Apache::Session::Memcached since this modules do not offer capability to browse sessions. They does not allow one to use sessions explorer neither manage one-off sessions.
</div>
</div>
<!-- EDIT8 SECTION "Apache::Session performances" [4199-6555] -->
<!-- EDIT8 SECTION "Apache::Session performances" [4512-6869] -->
<h3 class="sectionedit9" id="ldap_performances">LDAP performances</h3>
<div class="level3">
@ -303,12 +307,12 @@ Now ldapgroups contains “admin su”
</div>
</div>
<!-- EDIT9 SECTION "LDAP performances" [6556-7685] -->
<!-- EDIT9 SECTION "LDAP performances" [6870-7999] -->
<h2 class="sectionedit10" id="manager_performances">Manager performances</h2>
<div class="level2">
</div>
<!-- EDIT10 SECTION "Manager performances" [7686-7719] -->
<!-- EDIT10 SECTION "Manager performances" [8000-8033] -->
<h3 class="sectionedit11" id="disable_unused_modules">Disable unused modules</h3>
<div class="level3">
@ -319,7 +323,7 @@ In lemonldap-ng.ini, set only modules that you will use. By default, configurati
<span class="re1">enabledModules</span> <span class="sy0">=</span><span class="re2"> conf, sessions</span></pre>
</div>
<!-- EDIT11 SECTION "Disable unused modules" [7720-7966] -->
<!-- EDIT11 SECTION "Disable unused modules" [8034-8280] -->
<h3 class="sectionedit12" id="use_static_html_files">Use static HTML files</h3>
<div class="level3">
@ -346,6 +350,6 @@ So manager <abbr title="HyperText Markup Language">HTML</abbr> templates will be
</p>
</div>
<!-- EDIT12 SECTION "Use static HTML files" [7967-] --></div>
<!-- EDIT12 SECTION "Use static HTML files" [8281-] --></div>
</body>
</html>

4
doc/pages/documentation/current/restserverplugin
View File

@ -90,7 +90,7 @@
<form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
<ul class="nav navbar-nav">
<li><a href="/documentation/2.0/restserverplugin?do=login&amp;sectok=378132ea54accc5c67c7c9ceda71bf59" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
<li><a href="/documentation/2.0/restserverplugin?do=login&amp;sectok=62a29c35a267f658799e362598e991b4" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
</div>
@ -204,7 +204,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
</div><!-- /site -->
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Arestserverplugin&amp;1489508257" width="2" height="1" alt="" /></div>
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Arestserverplugin&amp;1490850194" width="2" height="1" alt="" /></div>
<div id="screen__mode" class="no">
<span class="visible-xs"></span>
<span class="visible-sm"></span>

33
doc/pages/documentation/current/start.html
View File

@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:start</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,start"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="start.html"/>
@ -237,7 +237,7 @@
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0"> <a href="authad.html" class="wikilink1" title="documentation:2.0:authad">Active Directory</a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 leftalign"> </td>
<td class="col0"> <a href="authad.html" class="wikilink1" title="documentation:2.0:authad">Active Directory</a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 centeralign"> </td>
</tr>
<tr class="row2 roweven">
<td class="col0"> <a href="authapache.html" class="wikilink1" title="documentation:2.0:authapache">Apache (Kerberos, NTLM, OTP, ...)</a> </td><td class="col1 centeralign"></td><td class="col2 leftalign"> </td><td class="col3 leftalign"> </td>
@ -323,14 +323,17 @@
<tr class="row29 rowodd">
<td class="col0"> <a href="u2f.html" class="wikilink1" title="documentation:2.0:u2f">U2F</a> </td><td class="col1 centeralign"></td><td class="col2"></td><td class="col3"></td>
</tr>
<tr class="row30 roweven">
<td class="col0"> <a href="external2f.html" class="wikilink1" title="documentation:2.0:external2f">External Second Factor</a> </td><td class="col1 centeralign"></td><td class="col2"></td><td class="col3"></td>
</tr>
</table></div>
<!-- EDIT10 TABLE [2160-3733] -->
<!-- EDIT10 TABLE [2160-3786] -->
<p>
</div></div>
</p>
</div>
<!-- EDIT9 SECTION "Authentication, users and password databases" [1987-3761] -->
<!-- EDIT9 SECTION "Authentication, users and password databases" [1987-3814] -->
<h3 class="sectionedit11" id="configuration_database">Configuration database</h3>
<div class="level3">
@ -365,14 +368,14 @@
<td class="col0 centeralign"> <a href="soapconfbackend.html" class="wikilink1" title="documentation:2.0:soapconfbackend">SOAP</a> </td><td class="col1 centeralign"></td><td class="col2 leftalign"> Proxy backend to be used in conjunction with another configuration backend. <br/><strong>Can be used to secure another backend</strong> for remote servers. </td>
</tr>
</table></div>
<!-- EDIT12 TABLE [4036-4625] --><div class="notetip">You can not start with an empty configuration, so read <a href="changeconfbackend.html" class="wikilink1" title="documentation:2.0:changeconfbackend">how to change configuration backend</a> to convert your existing configuration into another one.
<!-- EDIT12 TABLE [4089-4678] --><div class="notetip">You can not start with an empty configuration, so read <a href="changeconfbackend.html" class="wikilink1" title="documentation:2.0:changeconfbackend">how to change configuration backend</a> to convert your existing configuration into another one.
</div>
<p>
</div></div>
</p>
</div>
<!-- EDIT11 SECTION "Configuration database" [3762-4841] -->
<!-- EDIT11 SECTION "Configuration database" [3815-4894] -->
<h3 class="sectionedit13" id="sessions_database">Sessions database</h3>
<div class="level3">
@ -418,13 +421,13 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
<strong>Can be used to secure another backend</strong> for remote servers. </td>
</tr>
</table></div>
<!-- EDIT14 TABLE [5227-6885] -->
<!-- EDIT14 TABLE [5280-6938] -->
<p>
</div></div>
</p>
</div>
<!-- EDIT13 SECTION "Sessions database" [4842-6913] -->
<!-- EDIT13 SECTION "Sessions database" [4895-6966] -->
<h3 class="sectionedit15" id="identity_provider">Identity provider</h3>
<div class="level3">
<div class="notetip"><ul>
@ -458,7 +461,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</p>
</div>
<!-- EDIT15 SECTION "Identity provider" [6914-7458] -->
<!-- EDIT15 SECTION "Identity provider" [6967-7511] -->
<h2 class="sectionedit16" id="applications_protection">Applications protection</h2>
<div class="level2">
@ -487,7 +490,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</p>
</div>
<!-- EDIT16 SECTION "Applications protection" [7459-7949] -->
<!-- EDIT16 SECTION "Applications protection" [7512-8002] -->
<h3 class="sectionedit17" id="well_known_compatible_applications">Well known compatible applications</h3>
<div class="level3">
<div class="noteclassic">Here is a list of well known applications that are compatible with <abbr title="LemonLDAP::NG">LL::NG</abbr>. A full list is available on <a href="applications.html" class="wikilink1" title="documentation:2.0:applications">vendor applications page</a>.
@ -567,7 +570,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</p>
</div>
<!-- EDIT17 SECTION "Well known compatible applications" [7950-9723] -->
<!-- EDIT17 SECTION "Well known compatible applications" [8003-9776] -->
<h2 class="sectionedit18" id="advanced_features">Advanced features</h2>
<div class="level2">
@ -618,7 +621,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</p>
</div>
<!-- EDIT18 SECTION "Advanced features" [9724-10661] -->
<!-- EDIT18 SECTION "Advanced features" [9777-10714] -->
<h2 class="sectionedit19" id="mini_howtos">Mini howtos</h2>
<div class="level2">
@ -649,7 +652,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</p>
</div>
<!-- EDIT19 SECTION "Mini howtos" [10662-11331] -->
<!-- EDIT19 SECTION "Mini howtos" [10715-11384] -->
<h2 class="sectionedit20" id="exploitation">Exploitation</h2>
<div class="level2">
@ -682,7 +685,7 @@ Sessions are stored using <a href="http://search.cpan.org/perldoc?Apache::Sessio
</p>
</div>
<!-- EDIT20 SECTION "Exploitation" [11332-11752] -->
<!-- EDIT20 SECTION "Exploitation" [11385-11805] -->
<h2 class="sectionedit21" id="developer_corner">Developer corner</h2>
<div class="level2">
@ -733,6 +736,6 @@ To translate this doc (Manager help):
</ul>
</div>
<!-- EDIT21 SECTION "Developer corner" [11753-] --></div>
<!-- EDIT21 SECTION "Developer corner" [11806-] --></div>
</body>
</html>

22
doc/pages/documentation/current/upgrade.html
View File

@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:upgrade</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,upgrade"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="upgrade.html"/>
@ -127,12 +127,16 @@ Now, <a href="cda.html" class="wikilink1" title="documentation:2.0:cda">CDA</a>,
<h2 class="sectionedit6" id="rules_and_headers">Rules and headers</h2>
<div class="level2">
<ul>
<li class="level1"><div class="li"> pseudo variable <code>$ip</code> is replaced by <code><a href="extendedfunctions.html#request_information" class="wikilink1" title="documentation:2.0:extendedfunctions">remote_ip()</a></code> function in <a href="writingrulesand_headers.html" class="wikilink1" title="documentation:2.0:writingrulesand_headers">rules and headers</a>. Note that session variable <code>$ipAddr</code> <em>(remote address seen by portal)</em> is still available</div>
<li class="level1"><div class="li"> hostname() and remote_ip() are no more provided to avoid some name conflicts <em>(replaced by $ENV{})</em></div>
</li>
<li class="level1"><div class="li"> <code>$ENV{&lt;cgi_variable&gt;}</code> is now available everywhere: see <a href="writingrulesand_headers.html" class="wikilink1" title="documentation:2.0:writingrulesand_headers">Writing rules and headers</a></div>
</li>
<li class="level1"><div class="li"> some variable names have changed. See <a href="variables.html" class="wikilink1" title="documentation:2.0:variables">variables</a> document</div>
</li>
</ul>
</div>
<!-- EDIT6 SECTION "Rules and headers" [2203-2488] -->
<!-- EDIT6 SECTION "Rules and headers" [2203-2521] -->
<h2 class="sectionedit7" id="supported_servers">Supported servers</h2>
<div class="level2">
<ul>
@ -141,7 +145,7 @@ Now, <a href="cda.html" class="wikilink1" title="documentation:2.0:cda">CDA</a>,
</ul>
</div>
<!-- EDIT7 SECTION "Supported servers" [2489-2634] -->
<!-- EDIT7 SECTION "Supported servers" [2522-2667] -->
<h2 class="sectionedit8" id="soaprest_services">SOAP/REST services</h2>
<div class="level2">
<ul>
@ -157,12 +161,12 @@ Now, <a href="cda.html" class="wikilink1" title="documentation:2.0:cda">CDA</a>,
<div class="noteimportant"><a href="handlerauthbasic.html" class="wikilink1" title="documentation:2.0:handlerauthbasic">AuthBasic Handler</a> uses now REST services instead of SOAP.
</div>
</div>
<!-- EDIT8 SECTION "SOAP/REST services" [2635-3233] -->
<!-- EDIT8 SECTION "SOAP/REST services" [2668-3266] -->
<h2 class="sectionedit9" id="developer_corner">Developer corner</h2>
<div class="level2">
</div>
<!-- EDIT9 SECTION "Developer corner" [3234-3263] -->
<!-- EDIT9 SECTION "Developer corner" [3267-3296] -->
<h3 class="sectionedit10" id="apis">APIs</h3>
<div class="level3">
@ -171,7 +175,7 @@ Portal has now many REST features and includes a plugin <abbr title="Application
</p>
</div>
<!-- EDIT10 SECTION "APIs" [3264-3421] -->
<!-- EDIT10 SECTION "APIs" [3297-3454] -->
<h3 class="sectionedit11" id="portal_overview">Portal overview</h3>
<div class="level3">
@ -193,12 +197,12 @@ The request is a separated object based on Lemonldap::NG::Portal::Main::Request
</p>
</div>
<!-- EDIT11 SECTION "Portal overview" [3422-3869] -->
<!-- EDIT11 SECTION "Portal overview" [3455-3902] -->
<h3 class="sectionedit12" id="handler">Handler</h3>
<div class="level3">
<div class="noteimportant">Handler libraries have been totally rewritten. If you&#039;ve made custom handlers, they must be rewritten. See <a href="customhandlers.html" class="wikilink1" title="documentation:2.0:customhandlers">customhandlers</a>
</div>
</div>
<!-- EDIT12 SECTION "Handler" [3870-] --></div>
<!-- EDIT12 SECTION "Handler" [3903-] --></div>
</body>
</html>

48
doc/pages/documentation/current/variables.html
View File

@ -214,18 +214,18 @@ Datas around the authentication process.
<td class="col0 leftalign"> _utime </td><td class="col1 leftalign"> Timestamp of session creation </td>
</tr>
<tr class="row2 roweven">
<td class="col0 leftalign"> startTime </td><td class="col1 leftalign"> Date of session creation </td>
<td class="col0 leftalign"> _startTime </td><td class="col1 leftalign"> Date of session creation </td>
</tr>
<tr class="row3 rowodd">
<td class="col0 leftalign"> updateTime </td><td class="col1 leftalign"> Date of session last modification </td>
<td class="col0 leftalign"> _updateTime </td><td class="col1 leftalign"> Date of session last modification </td>
</tr>
<tr class="row4 roweven">
<td class="col0"> _lastAuthnUTime </td><td class="col1 leftalign"> Timestamp of last authentication time </td>
</tr>
</table></div>
<!-- EDIT10 TABLE [2160-2387] -->
<!-- EDIT10 TABLE [2160-2389] -->
</div>
<!-- EDIT9 SECTION "Dates" [2141-2388] -->
<!-- EDIT9 SECTION "Dates" [2141-2390] -->
<h2 class="sectionedit11" id="saml">SAML</h2>
<div class="level2">
@ -254,9 +254,9 @@ Datas related to <abbr title="Security Assertion Markup Language">SAML</abbr> pr
<td class="col0 leftalign"> _lassoIdentityDump </td><td class="col1 leftalign"> Lasso identity dump </td>
</tr>
</table></div>
<!-- EDIT12 TABLE [2439-2704] -->
<!-- EDIT12 TABLE [2441-2706] -->
</div>
<!-- EDIT11 SECTION "SAML" [2389-2705] -->
<!-- EDIT11 SECTION "SAML" [2391-2707] -->
<h2 class="sectionedit13" id="notifications">Notifications</h2>
<div class="level2">
<div class="table sectionedit14"><table class="inline table table-bordered table-striped">
@ -269,9 +269,9 @@ Datas related to <abbr title="Security Assertion Markup Language">SAML</abbr> pr
<td class="col0 leftalign"> _notification_<em>id</em> </td><td class="col1 leftalign"> Date of validation of the notification <em>id</em> </td>
</tr>
</table></div>
<!-- EDIT14 TABLE [2733-2833] -->
<!-- EDIT14 TABLE [2735-2835] -->
</div>
<!-- EDIT13 SECTION "Notifications" [2706-2834] -->
<!-- EDIT13 SECTION "Notifications" [2708-2836] -->
<h2 class="sectionedit15" id="login_history">Login history</h2>
<div class="level2">
<div class="table sectionedit16"><table class="inline table table-bordered table-striped">
@ -281,12 +281,12 @@ Datas related to <abbr title="Security Assertion Markup Language">SAML</abbr> pr
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 leftalign"> loginHistory </td><td class="col1 leftalign"> HASH of login success and failures </td>
<td class="col0 leftalign"> _loginHistory </td><td class="col1 leftalign"> HASH of login success and failures </td>
</tr>
</table></div>
<!-- EDIT16 TABLE [2862-2943] -->
<!-- EDIT16 TABLE [2864-2946] -->
</div>
<!-- EDIT15 SECTION "Login history" [2835-2944] -->
<!-- EDIT15 SECTION "Login history" [2837-2947] -->
<h2 class="sectionedit17" id="ldap">LDAP</h2>
<div class="level2">
@ -300,12 +300,12 @@ Only with UserDB LDAP.
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 leftalign"> dn </td><td class="col1"> Distinguished name </td>
<td class="col0 leftalign"> _dn </td><td class="col1"> Distinguished name </td>
</tr>
</table></div>
<!-- EDIT18 TABLE [2987-3041] -->
<!-- EDIT18 TABLE [2990-3045] -->
</div>
<!-- EDIT17 SECTION "LDAP" [2945-3042] -->
<!-- EDIT17 SECTION "LDAP" [2948-3046] -->
<h2 class="sectionedit19" id="openid">OpenID</h2>
<div class="level2">
<div class="table sectionedit20"><table class="inline table table-bordered table-striped">
@ -318,9 +318,9 @@ Only with UserDB LDAP.
<td class="col0 leftalign"> _openid_<em>id</em> </td><td class="col1 leftalign"> Consent to share attribute <em>id</em> trough OpenID </td>
</tr>
</table></div>
<!-- EDIT20 TABLE [3063-3159] -->
<!-- EDIT20 TABLE [3067-3163] -->
</div>
<!-- EDIT19 SECTION "OpenID" [3043-3160] -->
<!-- EDIT19 SECTION "OpenID" [3047-3164] -->
<h2 class="sectionedit21" id="openid_connect">OpenID Connect</h2>
<div class="level2">
<div class="table sectionedit22"><table class="inline table table-bordered table-striped">
@ -330,13 +330,13 @@ Only with UserDB LDAP.
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 leftalign"> OpenIDConnect_IDToken </td><td class="col1 leftalign"> ID Token </td>
<td class="col0 leftalign"> _oidc_id_token </td><td class="col1 leftalign"> ID Token </td>
</tr>
<tr class="row2 roweven">
<td class="col0 leftalign"> OpenIDConnect_OP </td><td class="col1 leftalign"> Configuration key of OP used for authentication </td>
<td class="col0 leftalign"> _oidc_OP </td><td class="col1 leftalign"> Configuration key of OP used for authentication </td>
</tr>
<tr class="row3 rowodd">
<td class="col0 leftalign"> OpenIDConnect_access_token </td><td class="col1 leftalign"> OAuth2 Access Token used to get UserInfo data </td>
<td class="col0 leftalign"> _oidc_access_token </td><td class="col1 leftalign"> OAuth2 Access Token used to get UserInfo data </td>
</tr>
<tr class="row4 roweven">
<td class="col0"> _oidc_consent_scope_<em>rp</em> </td><td class="col1 leftalign"> Scope for which consent was given for RP <em>rp</em> </td>
@ -345,9 +345,9 @@ Only with UserDB LDAP.
<td class="col0"> _oidc_consent_time_<em>rp</em> </td><td class="col1 leftalign"> Time when consent was given for RP <em>rp</em> </td>
</tr>
</table></div>
<!-- EDIT22 TABLE [3189-3564] -->
<!-- EDIT22 TABLE [3193-3545] -->
</div>
<!-- EDIT21 SECTION "OpenID Connect" [3161-3565] -->
<!-- EDIT21 SECTION "OpenID Connect" [3165-3546] -->
<h2 class="sectionedit23" id="other">Other</h2>
<div class="level2">
<div class="table sectionedit24"><table class="inline table table-bordered table-striped">
@ -357,14 +357,14 @@ Only with UserDB LDAP.
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 leftalign"> appsListOrder </td><td class="col1 leftalign"> Order of categories in the menu </td>
<td class="col0 leftalign"> _appsListOrder </td><td class="col1 leftalign"> Order of categories in the menu </td>
</tr>
<tr class="row2 roweven">
<td class="col0 leftalign"> _session_kind </td><td class="col1 leftalign"> Type of session (<abbr title="Single Sign On">SSO</abbr>, Persistent, …) </td>
</tr>
</table></div>
<!-- EDIT24 TABLE [3585-3725] -->
<!-- EDIT24 TABLE [3566-3707] -->
</div>
<!-- EDIT23 SECTION "Other" [3566-] --></div>
<!-- EDIT23 SECTION "Other" [3547-] --></div>
</body>
</html>

94
doc/pages/documentation/current/writingrulesand_headers.html
View File

@ -4,7 +4,7 @@
<meta charset="utf-8" />
<title>documentation:2.0:writingrulesand_headers</title>
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,writingrulesand_headers"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="writingrulesand_headers.html"/>
@ -49,7 +49,12 @@
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#rules">Rules</a></div></li>
<li class="level1"><div class="li"><a href="#available_env_variables">Available $ENV{} variables</a></div></li>
<li class="level1"><div class="li"><a href="#rules">Rules</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#rules_on_authentication_level">Rules on authentication level</a></div></li>
</ul>
</li>
<li class="level1"><div class="li"><a href="#headers">Headers</a></div></li>
<li class="level1"><div class="li"><a href="#available_functions">Available functions</a></div></li>
</ul>
@ -63,15 +68,38 @@
<p>
Lemonldap::NG manage applications by their hostname (Apache&#039;s virtualHosts). Rules are used to protect applications, headers are HTTP headers added to the request to give datas to the application (for logs, profiles,…).
</p>
<div class="noteimportant">Note that variables designed by $xx correspond to the name of the <a href="exportedvars.html" class="wikilink1" title="documentation:2.0:exportedvars">exported variables</a> or <a href="performances.html#macros_and_groups" class="wikilink1" title="documentation:2.0:performances">macro names</a>.
<div class="noteimportant">Note that variables designed by $xx correspond to the name of the <a href="exportedvars.html" class="wikilink1" title="documentation:2.0:exportedvars">exported variables</a> or <a href="performances.html#macros_and_groups" class="wikilink1" title="documentation:2.0:performances">macro names</a> except for <code>$ENV{&lt;cgi-header&gt;}</code> which correspond to CGI header <em>(<code>$ENV{REMOTE_ADDR}</code> for example)</em>.
</div>
</div>
<!-- EDIT1 SECTION "Writing rules and headers" [1-546] -->
<h2 class="sectionedit2" id="available_env_variables">Available $ENV{} variables</h2>
<div class="level2">
<p>
The %ENV table provides:
</p>
<ul>
<li class="level1"><div class="li"> all headers in CGI format <em>(<code>User-Agent</code> becomes <code>HTTP_USER_AGENT</code>)</em></div>
</li>
<li class="level1"><div class="li"> some CGI variables depending on the context:</div>
<ul>
<li class="level2"><div class="li"> For portal: all CGI standard variables <em>(you can add custom headers using <code>fastcgi_param</code> with Nginx)</em>,</div>
</li>
<li class="level2"><div class="li"> For Apache handler: REMOTE_ADDR, QUERY_STRING, REQUEST_<abbr title="Uniform Resource Identifier">URI</abbr>, SERVER_PORT, REQUEST_METHOD,</div>
</li>
<li class="level2"><div class="li"> For Nginx handler: all variables given by <code>fastcgi_param</code> commands.</div>
</li>
</ul>
</li>
</ul>
<p>
See also <a href="extendedfunctions.html" class="wikilink1" title="documentation:2.0:extendedfunctions">extended functions</a>.
</p>
</div>
<!-- EDIT1 SECTION "Writing rules and headers" [1-492] -->
<h2 class="sectionedit2" id="rules">Rules</h2>
<!-- EDIT2 SECTION "Available $ENV{} variables" [547-1077] -->
<h2 class="sectionedit3" id="rules">Rules</h2>
<div class="level2">
<p>
@ -85,7 +113,7 @@ A rule associates a <a href="http://en.wikipedia.org/wiki/Perl_Compatible_Regula
<p>
Examples:
</p>
<div class="table sectionedit3"><table class="inline table table-bordered table-striped">
<div class="table sectionedit4"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Goal </th><th class="col1 centeralign"> Regular expression </th><th class="col2 centeralign"> Rule </th>
@ -110,7 +138,7 @@ Examples:
<td class="col0 leftalign"> Restrict access to the whole site to users that have the LDAP description field set to “LDAP administrator” (must be set in exported variables) </td><td class="col1 centeralign"> default </td><td class="col2 centeralign"> $description&nbsp;eq&nbsp;"LDAP&nbsp;administrator" </td>
</tr>
</table></div>
<!-- EDIT3 TABLE [715-1558] -->
<!-- EDIT4 TABLE [1300-2143] -->
<p>
The “<strong>default</strong>” access rule is used if no other access rule match the current <abbr title="Uniform Resource Locator">URL</abbr>.
</p>
@ -125,7 +153,7 @@ The “<strong>default</strong>” access rule is used if no other access rule m
<p>
Rules can also be used to intercept logout <abbr title="Uniform Resource Locator">URL</abbr>:
</p>
<div class="table sectionedit4"><table class="inline table table-bordered table-striped">
<div class="table sectionedit5"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Goal </th><th class="col1 centeralign"> Regular expression </th><th class="col2 centeralign"> Rule </th>
@ -141,15 +169,49 @@ Rules can also be used to intercept logout <abbr title="Uniform Resource Locator
<td class="col0"> Logout user from current application and from Lemonldap::NG and redirect it to http://intranet/ <strong><em>(Apache only)</em></strong> </td><td class="col1 centeralign"> ^/index.php\?logout </td><td class="col2 centeralign"> logout_app_sso&nbsp;http://intranet/ </td>
</tr>
</table></div>
<!-- EDIT4 TABLE [2052-2700] -->
<!-- EDIT5 TABLE [2637-3285] -->
<p>
By default, user will be redirected on portal if no <abbr title="Uniform Resource Locator">URL</abbr> defined, or on the specified <abbr title="Uniform Resource Locator">URL</abbr> if any.
</p>
<div class="noteimportant">Only current application is concerned by logout_app* targets. Be careful with some applications which doesn&#039;t verify Lemonldap::NG headers after having created their own cookies. If so, you can redirect users to a <abbr title="HyperText Markup Language">HTML</abbr> page that explain that it is safe to close browser after disconnect.
</div>
</div>
<!-- EDIT2 SECTION "Rules" [493-3111] -->
<h2 class="sectionedit5" id="headers">Headers</h2>
<!-- EDIT3 SECTION "Rules" [1078-3696] -->
<h3 class="sectionedit6" id="rules_on_authentication_level">Rules on authentication level</h3>
<div class="level3">
<p>
LLNG set an “authentication level” during authentication process. This level is the value of the authentication backend used for this user. Default values are:
</p>
<ul>
<li class="level1"><div class="li"> 0 for <a href="authnull.html" class="wikilink1" title="documentation:2.0:authnull">Null</a></div>
</li>
<li class="level1"><div class="li"> 1 for <a href="authcas.html" class="wikilink1" title="documentation:2.0:authcas">CAS</a>, <a href="authopenid.html" class="wikilink1" title="documentation:2.0:authopenid">old OpenID-2</a>, <a href="authfacebook.html" class="wikilink1" title="documentation:2.0:authfacebook">Facebook</a>,…</div>
</li>
<li class="level1"><div class="li"> 2 for web-form based authentication <em>(<a href="authldap.html" class="wikilink1" title="documentation:2.0:authldap">LDAP</a>, <a href="authdbi.html" class="wikilink1" title="documentation:2.0:authdbi">DBI</a>,…)</em></div>
</li>
<li class="level1"><div class="li"> 3 for <a href="authyubikey.html" class="wikilink1" title="documentation:2.0:authyubikey">Yubikey</a></div>
</li>
<li class="level1"><div class="li"> 4 for <a href="authapache.html" class="wikilink1" title="documentation:2.0:authapache">Kerberos</a></div>
</li>
<li class="level1"><div class="li"> 5 for <a href="authssl.html" class="wikilink1" title="documentation:2.0:authssl">SSL</a></div>
</li>
</ul>
<p>
There are two way to impose users to have a high authentication level:
</p>
<ul>
<li class="level1"><div class="li"> writing a rule based en authentication level: <code>$authenticationLevel &gt; 3</code></div>
</li>
<li class="level1"><div class="li"> since 2.0, set a minimum level in virtual host options</div>
</li>
</ul>
<div class="notetip">Instead of returning a 403 code, “minimum level” returns user to a form that explain that a higher level is required and propose to user to reauthenticate itself.
</div>
</div>
<!-- EDIT6 SECTION "Rules on authentication level" [3697-4582] -->
<h2 class="sectionedit7" id="headers">Headers</h2>
<div class="level2">
<p>
@ -159,7 +221,7 @@ Headers are associations between an header name and a perl expression that retur
<p>
Examples:
</p>
<div class="table sectionedit6"><table class="inline table table-bordered table-striped">
<div class="table sectionedit8"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Goal </th><th class="col1 centeralign"> Header name </th><th class="col2 centeralign"> Header value </th>
@ -178,7 +240,7 @@ Examples:
<td class="col0 leftalign"> Give a non ascii data </td><td class="col1 centeralign"> Display-Name </td><td class="col2 centeralign"> encode_base64($givenName."&nbsp;".$surName) </td>
</tr>
</table></div>
<!-- EDIT6 TABLE [3295-3628] -->
<!-- EDIT8 TABLE [4766-5099] -->
<p>
As described in <a href="performances.html#handler_performance" class="wikilink1" title="documentation:2.0:performances">performances chapter</a>, you can use macros, local macros,…
</p>
@ -194,8 +256,8 @@ As described in <a href="performances.html#handler_performance" class="wikilink1
</div>
</div>
<!-- EDIT5 SECTION "Headers" [3112-4161] -->
<h2 class="sectionedit7" id="available_functions">Available functions</h2>
<!-- EDIT7 SECTION "Headers" [4583-5632] -->
<h2 class="sectionedit9" id="available_functions">Available functions</h2>
<div class="level2">
<p>
@ -209,6 +271,6 @@ In addition to macros and name, you can use some functions in rules and headers:
</ul>
</div>
<!-- EDIT7 SECTION "Available functions" [4162-] --></div>
<!-- EDIT9 SECTION "Available functions" [5633-] --></div>
</body>
</html>

164
omegat.files/fr/fr-level1.tmx
View File

@ -3064,14 +3064,6 @@ ignoreregex =</seg>
<seg>manager : paramètres réservés aux agents</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>appsListOrder</seg>
</tuv>
<tuv lang="FR-FR" changedate="20131025T131733Z" changeid="xavier">
<seg>appsListOrder</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Protect only the administration pages</seg>
@ -9902,14 +9894,6 @@ openssl x509 -req -days 3650 -in cert.csr -signkey lemonldap-ng-priv.key -out ce
<seg>mysuperpassword</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Custom-Header =&gt; function1($uid)</seg>
</tuv>
<tuv lang="FR-FR" changedate="20120225T112334Z" changeid="xavier">
<seg>Custom-Header =&gt; function1($uid)</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Unoptimized for session explorer and single session features.</seg>
@ -11178,14 +11162,6 @@ else {</seg>
<seg>La base de donnée doit être préparée exactement comme celle du backend de session SQL si ce n'est qu'un champ doit être ajouté pour chaque donnée à indexer.</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>An SAML server with OpenID authentication</seg>
</tuv>
<tuv lang="FR-FR" changedate="20120225T183642Z" changeid="xavier">
<seg>Un serveur SAML avec une authentification OpenID</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>If this regex matches, the line is ignored.</seg>
@ -11550,14 +11526,6 @@ else {</seg>
<seg>Performances d'Apache::Session</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>startTime</seg>
</tuv>
<tuv lang="FR-FR" changedate="20131025T084339Z" changeid="xavier">
<seg>startTime</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>//&quot;userobm_vacation_enable&quot; =&gt; ,</seg>
@ -12662,14 +12630,6 @@ portalSkin = dark</seg>
<seg># Appe interne au serveur FastCGI</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>dn</seg>
</tuv>
<tuv lang="FR-FR" changedate="20131025T131521Z" changeid="xavier">
<seg>dn</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>language</seg>
@ -14226,14 +14186,6 @@ cp lemonldapuserdatabackend.class.php inc/auth/</seg>
<seg>On peut changer les paramètres par défaut en utilisant les paramètres “notificationStorage” et “notificationStorageOptions” avec la même syntaxe que les paramètres de stockage de la configuration.</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>portal full URL if custom function is run by portal (e.g. https://auth.example.com/)</seg>
</tuv>
<tuv lang="FR-FR" changedate="20121005T040429Z" changeid="xavier">
<seg>l'URL complète du portail si la fonction personnalisée est appelée par le portail (i.e. https://auth.example.com/)</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Be careful with URL parameters</seg>
@ -16564,14 +16516,6 @@ dbiTable = mytablename</seg>
<seg>MySQL</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>loginHistory</seg>
</tuv>
<tuv lang="FR-FR" changedate="20131025T131424Z" changeid="xavier">
<seg>loginHistory</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Status module can not be loaded without localStorage parameter</seg>
@ -17086,14 +17030,6 @@ dbiTable = mytablename</seg>
<seg>Module du cache local</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>A CAS server with SAML authentication</seg>
</tuv>
<tuv lang="FR-FR" changedate="20120225T183551Z" changeid="xavier">
<seg>Un serveur CAS avec une authentification SAML</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Drivers</seg>
@ -18910,14 +18846,6 @@ dbiTable = mytablename</seg>
<seg>wget https://sourcesup.cru.fr/frs/download.php/2476/AuthCAS-1.4.tar.gz</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>A Apache::Session::Browseable::Redis has been created, it is the faster (except for session explorer, defeated by Apache::Session::Browseable::DBI/LDAP &gt;= 1.0)</seg>
</tuv>
<tuv lang="FR-FR" changedate="20131025T082105Z" changeid="xavier">
<seg>Un module Apache::Session::Browseable::Redis a été créé, c'est le plus rapide (excepté pour l'explorateur de sessions, battu par Apache::Session::Browseable::DBI/LDAP &gt;= 1.0)</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Mail charset</seg>
@ -19926,14 +19854,6 @@ Le nouveau rôle est-il un super-utilisateur ?</seg>
<seg>SSLCACertificateFile : certificat d'autorité pour valider les certificats clients</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>First parameter passed to the custom function is the requested URL, that is</seg>
</tuv>
<tuv lang="FR-FR" changedate="20121005T040332Z" changeid="xavier">
<seg>Le premier paramètre passé à la fonction personnalisée est l'URL demandée, c'est à dire</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>'cache_depth' =&gt; 5,?</seg>
@ -21416,14 +21336,6 @@ $lemonldap_config = Array(</seg>
<seg>La requête de déconnexion est envoyée même si l'utilisateur ne s'est pas connecté à l'application.</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>http://perldoc.perl.org/functions/shift.html</seg>
</tuv>
<tuv lang="FR-FR" changedate="20120225T111855Z" changeid="xavier">
<seg>http://perldoc.perl.org/functions/shift.html</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Role</seg>
@ -22074,16 +21986,6 @@ $lemonldap_config = Array(</seg>
<seg>_lassoIdentityDump</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>my $param = shift;
 </seg>
</tuv>
<tuv lang="FR-FR" changedate="20120225T111905Z" changeid="xavier">
<seg>my $param = shift;
 </seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Self service reset (send a mail to the user with a to change the password)</seg>
@ -25390,16 +25292,6 @@ globalStorageOptions = { 'Directory' =&gt; '/var/lib/lemonldap-ng/sessions/', 'L
<seg># Conserver la requête originale (le serveur LLNG va recevoir /llauth)</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg># Your nice code here
 </seg>
</tuv>
<tuv lang="FR-FR" changedate="20120225T111922Z" changeid="xavier">
<seg># Le joli code ici :
 </seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Index list</seg>
@ -26028,14 +25920,6 @@ Display-Name -&gt; $displayName ||= $givenName.&quot; &quot;.$surName</seg>
<seg># SI LUA EST SUPPORTÉ</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Note that variables designed by $xx correspond to the name of the exported variables or macro names.</seg>
</tuv>
<tuv lang="FR-FR" changedate="20120506T055253Z" changeid="xavier">
<seg>Noter que les variables designées par $xx correspondent au nom de variables exportées ou de noms de macro.</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Value: application logout URL</seg>
@ -26084,14 +25968,6 @@ Display-Name -&gt; $displayName ||= $givenName.&quot; &quot;.$surName</seg>
<seg>https://metacpan.org/module/Web::ID::Certificate::Generator</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>For example, a LL::NG server can be:</seg>
</tuv>
<tuv lang="FR-FR" changedate="20120225T183527Z" changeid="xavier">
<seg>Par exemple, un serveur LL::NG peut être :</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>http://zimbra.example.com/zimbrasso</seg>
@ -26740,14 +26616,6 @@ WithPeak[test.example.com]: wmy</seg>
<seg>Il est désormais possible d'utiliser le manager pour configurer toutes les applications et catégories, ensuite commenter ou supprimer le paramètre applicationList de /etc/lemonldap-ng/lemonldap-ng.ini.</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>An OpenID server with CAS authentication</seg>
</tuv>
<tuv lang="FR-FR" changedate="20120225T183618Z" changeid="xavier">
<seg>Un serveur OpenID avec une authentification CAS</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Friendly Name: optional, SAML attribute friendly name.</seg>
@ -27528,14 +27396,6 @@ protection = manager</seg>
<seg>Fournisseurs d'identité SAML : IDP enregistrés</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>https://auth.example.com/</seg>
</tuv>
<tuv lang="FR-FR" changedate="20121005T040334Z" changeid="xavier">
<seg>https://auth.example.com/</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Some applications using it</seg>
@ -27872,14 +27732,6 @@ protection = manager</seg>
<seg>Le portail</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>absolute URL if it is run by handler (e.g. /admin/index.php?param=foo).</seg>
</tuv>
<tuv lang="FR-FR" changedate="20121005T040520Z" changeid="xavier">
<seg>l'URL absolue si elle est appelée par un agent (e.g. /admin/index.php?param=foo).</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Any OpenID consumer</seg>
@ -28056,14 +27908,6 @@ protection = manager</seg>
<seg>Type de compte : pour Zimbra, ce peut être name, id ou foreignKey (par défaut : id)</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>my $url = shift;</seg>
</tuv>
<tuv lang="FR-FR" changedate="20121005T040210Z" changeid="xavier">
<seg>my $url = shift;</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Register partner Service Provider on LemonLDAP::NG</seg>
@ -30370,14 +30214,6 @@ CUSTOM_FUNCTIONS_FILE=/root/SSOExtensions.pm</seg>
<seg>http://www.mediawiki.org/wiki/Extension:AutomaticREMOTE_USER</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>updateTime</seg>
</tuv>
<tuv lang="FR-FR" changedate="20131025T084357Z" changeid="xavier">
<seg>updateTime</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>You have to set its value in Manager.</seg>

164
omegat.files/fr/fr-level2.tmx
View File

@ -3064,14 +3064,6 @@ ignoreregex =</seg>
<seg><bpt i='0' x='0'>&lt;s0&gt;</bpt>manager<ept i='0'>&lt;/s0&gt;</ept> : paramètres réservés aux agents</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>appsListOrder</seg>
</tuv>
<tuv xml:lang="FR-FR" changedate="20131025T131733Z" changeid="xavier">
<seg>appsListOrder</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>Protect only the administration pages</seg>
@ -9902,14 +9894,6 @@ openssl x509 -req -days 3650 -in cert.csr -signkey lemonldap-ng-priv.key -out ce
<seg>mysuperpassword</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>Custom-Header =&gt; function1($uid)</seg>
</tuv>
<tuv xml:lang="FR-FR" changedate="20120225T112334Z" changeid="xavier">
<seg>Custom-Header =&gt; function1($uid)</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>Unoptimized for <bpt i='0' x='0'>&lt;a0&gt;</bpt>session explorer<ept i='0'>&lt;/a0&gt;</ept> and <bpt i='1' x='1'>&lt;a1&gt;</bpt>single session<ept i='1'>&lt;/a1&gt;</ept> features.</seg>
@ -11178,14 +11162,6 @@ openssl x509 -req -days 3650 -in cert.csr -signkey lemonldap-ng-priv.key -out ce
<seg>La base de donnée doit être préparée exactement comme celle du <bpt i='0' x='0'>&lt;a0&gt;</bpt>backend de session SQL<ept i='0'>&lt;/a0&gt;</ept> si ce n'est qu'un champ doit être ajouté pour chaque donnée à indexer.</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>An <bpt i='0' x='0'>&lt;a0&gt;</bpt>SAML server<ept i='0'>&lt;/a0&gt;</ept> with <bpt i='1' x='1'>&lt;a1&gt;</bpt>OpenID authentication<ept i='1'>&lt;/a1&gt;</ept></seg>
</tuv>
<tuv xml:lang="FR-FR" changedate="20120225T183642Z" changeid="xavier">
<seg>Un <bpt i='0' x='0'>&lt;a0&gt;</bpt>serveur SAML<ept i='0'>&lt;/a0&gt;</ept> avec une <bpt i='1' x='1'>&lt;a1&gt;</bpt>authentification OpenID<ept i='1'>&lt;/a1&gt;</ept></seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>If this regex matches, the line is ignored.</seg>
@ -11550,14 +11526,6 @@ openssl x509 -req -days 3650 -in cert.csr -signkey lemonldap-ng-priv.key -out ce
<seg>Performances d'Apache::Session</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>startTime</seg>
</tuv>
<tuv xml:lang="FR-FR" changedate="20131025T084339Z" changeid="xavier">
<seg>startTime</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg><bpt i='148' x='148'>&lt;s148&gt;</bpt>//&quot;userobm_vacation_enable&quot; =&gt; ,<ept i='148'>&lt;/s148&gt;</ept></seg>
@ -12662,14 +12630,6 @@ openssl x509 -req -days 3650 -in cert.csr -signkey lemonldap-ng-priv.key -out ce
<seg># Appe interne au serveur FastCGI</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>dn</seg>
</tuv>
<tuv xml:lang="FR-FR" changedate="20131025T131521Z" changeid="xavier">
<seg>dn</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>language</seg>
@ -14226,14 +14186,6 @@ cp lemonldapuserdatabackend.class.php inc/auth/</seg>
<seg>On peut changer les paramètres par défaut en utilisant les paramètres “notificationStorage” et “notificationStorageOptions” avec la même syntaxe que les paramètres de stockage de la configuration.</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg><bpt i='0' x='0'>&lt;s0&gt;</bpt>portal full <bpt i='1' x='1'>&lt;a1&gt;</bpt>URL<ept i='1'>&lt;/a1&gt;</ept><ept i='0'>&lt;/s0&gt;</ept> if custom function is run by portal (e.g. <bpt i='2' x='2'>&lt;a2&gt;</bpt>https://auth.example.com/<ept i='2'>&lt;/a2&gt;</ept>)</seg>
</tuv>
<tuv xml:lang="FR-FR" changedate="20121005T040429Z" changeid="xavier">
<seg><bpt i='0' x='0'>&lt;s0&gt;</bpt>l'<bpt i='1' x='1'>&lt;a1&gt;</bpt>URL<ept i='1'>&lt;/a1&gt;</ept> complète du portail<ept i='0'>&lt;/s0&gt;</ept> si la fonction personnalisée est appelée par le portail (i.e. <bpt i='2' x='2'>&lt;a2&gt;</bpt>https://auth.example.com/<ept i='2'>&lt;/a2&gt;</ept>)</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>Be careful with URL parameters</seg>
@ -16564,14 +16516,6 @@ createuser lemonldap-ng -P</seg>
<seg>MySQL</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>loginHistory</seg>
</tuv>
<tuv xml:lang="FR-FR" changedate="20131025T131424Z" changeid="xavier">
<seg>loginHistory</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>Status module can not be loaded without localStorage parameter</seg>
@ -17086,14 +17030,6 @@ createuser lemonldap-ng -P</seg>
<seg>Module du cache local</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>A <bpt i='0' x='0'>&lt;a0&gt;</bpt>CAS server<ept i='0'>&lt;/a0&gt;</ept> with <bpt i='1' x='1'>&lt;a1&gt;</bpt>SAML authentication<ept i='1'>&lt;/a1&gt;</ept></seg>
</tuv>
<tuv xml:lang="FR-FR" changedate="20120225T183551Z" changeid="xavier">
<seg>Un <bpt i='0' x='0'>&lt;a0&gt;</bpt> serveur CAS<ept i='0'>&lt;/a0&gt;</ept> avec une <bpt i='1' x='1'>&lt;a1&gt;</bpt>authentification SAML<ept i='1'>&lt;/a1&gt;</ept></seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>Drivers</seg>
@ -18910,14 +18846,6 @@ createuser lemonldap-ng -P</seg>
<seg>wget https://sourcesup.cru.fr/frs/download.php/2476/AuthCAS-1.4.tar.gz</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>A <bpt i='0' x='0'>&lt;a0&gt;</bpt>Apache::Session::Browseable::Redis<ept i='0'>&lt;/a0&gt;</ept> has been created, it is the faster (except for session explorer, defeated by Apache::Session::Browseable::<bpt i='1' x='1'>&lt;a1&gt;</bpt>DBI<ept i='1'>&lt;/a1&gt;</ept>/<bpt i='2' x='2'>&lt;a2&gt;</bpt>LDAP<ept i='2'>&lt;/a2&gt;</ept> &gt;= 1.0)</seg>
</tuv>
<tuv xml:lang="FR-FR" changedate="20131025T082105Z" changeid="xavier">
<seg>Un module <bpt i='0' x='0'>&lt;a0&gt;</bpt>Apache::Session::Browseable::Redis<ept i='0'>&lt;/a0&gt;</ept> a été créé, c'est le plus rapide (excepté pour l'explorateur de sessions, battu par Apache::Session::Browseable::<bpt i='1' x='1'>&lt;a1&gt;</bpt>DBI<ept i='1'>&lt;/a1&gt;</ept>/<bpt i='2' x='2'>&lt;a2&gt;</bpt>LDAP<ept i='2'>&lt;/a2&gt;</ept> &gt;= 1.0)</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>Mail charset</seg>
@ -19926,14 +19854,6 @@ Le nouveau rôle est-il un super-utilisateur ?</seg>
<seg><bpt i='0' x='0'>&lt;s0&gt;</bpt>SSLCACertificateFile<ept i='0'>&lt;/s0&gt;</ept> : certificat d'autorité pour valider les certificats clients</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>First parameter passed to the custom function is the requested <bpt i='0' x='0'>&lt;a0&gt;</bpt>URL<ept i='0'>&lt;/a0&gt;</ept>, that is</seg>
</tuv>
<tuv xml:lang="FR-FR" changedate="20121005T040332Z" changeid="xavier">
<seg>Le premier paramètre passé à la fonction personnalisée est l'<bpt i='0' x='0'>&lt;a0&gt;</bpt>URL<ept i='0'>&lt;/a0&gt;</ept> demandée, c'est à dire</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>'cache_depth' =&gt; 5,?</seg>
@ -21416,14 +21336,6 @@ a2ensite test-apache2.conf</seg>
<seg>La requête de déconnexion est envoyée même si l'utilisateur ne s'est pas connecté à l'application.</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>http://perldoc.perl.org/functions/shift.html</seg>
</tuv>
<tuv xml:lang="FR-FR" changedate="20120225T111855Z" changeid="xavier">
<seg>http://perldoc.perl.org/functions/shift.html</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>Role</seg>
@ -22074,16 +21986,6 @@ a2ensite test-apache2.conf</seg>
<seg>_lassoIdentityDump</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg><bpt i='11' x='11'>&lt;s11&gt;</bpt>my<ept i='11'>&lt;/s11&gt;</ept> <bpt i='12' x='12'>&lt;s12&gt;</bpt>$param<ept i='12'>&lt;/s12&gt;</ept> <bpt i='13' x='13'>&lt;s13&gt;</bpt>=<ept i='13'>&lt;/s13&gt;</ept> <bpt i='14' x='14'>&lt;a14&gt;</bpt><bpt i='15' x='15'>&lt;s15&gt;</bpt>shift<ept i='15'>&lt;/s15&gt;</ept><ept i='14'>&lt;/a14&gt;</ept><bpt i='16' x='16'>&lt;s16&gt;</bpt>;<ept i='16'>&lt;/s16&gt;</ept>
 </seg>
</tuv>
<tuv xml:lang="FR-FR" changedate="20120225T111905Z" changeid="xavier">
<seg><bpt i='11' x='11'>&lt;s11&gt;</bpt>my<ept i='11'>&lt;/s11&gt;</ept> <bpt i='12' x='12'>&lt;s12&gt;</bpt>$param<ept i='12'>&lt;/s12&gt;</ept> <bpt i='13' x='13'>&lt;s13&gt;</bpt>=<ept i='13'>&lt;/s13&gt;</ept> <bpt i='14' x='14'>&lt;a14&gt;</bpt><bpt i='15' x='15'>&lt;s15&gt;</bpt>shift<ept i='15'>&lt;/s15&gt;</ept><ept i='14'>&lt;/a14&gt;</ept><bpt i='16' x='16'>&lt;s16&gt;</bpt>;<ept i='16'>&lt;/s16&gt;</ept>
 </seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>Self service reset (send a mail to the user with a to change the password)</seg>
@ -25390,16 +25292,6 @@ a2ensite test-apache2.conf</seg>
<seg># Conserver la requête originale (le serveur LLNG va recevoir /llauth)</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg><bpt i='17' x='17'>&lt;s17&gt;</bpt># Your nice code here<ept i='17'>&lt;/s17&gt;</ept>
 </seg>
</tuv>
<tuv xml:lang="FR-FR" changedate="20120225T111922Z" changeid="xavier">
<seg><bpt i='17' x='17'>&lt;s17&gt;</bpt># Le joli code ici :<ept i='17'>&lt;/s17&gt;</ept>
 </seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>Index list</seg>
@ -26028,14 +25920,6 @@ Display<bpt i='14' x='14'>&lt;s14&gt;</bpt>-<ept i='14'>&lt;/s14&gt;</ept>Name <
<seg># SI LUA EST SUPPORTÉ</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>Note that variables designed by $xx correspond to the name of the <bpt i='0' x='0'>&lt;a0&gt;</bpt>exported variables<ept i='0'>&lt;/a0&gt;</ept> or <bpt i='1' x='1'>&lt;a1&gt;</bpt>macro names<ept i='1'>&lt;/a1&gt;</ept>.</seg>
</tuv>
<tuv xml:lang="FR-FR" changedate="20120506T055253Z" changeid="xavier">
<seg>Noter que les variables designées par $xx correspondent au nom de <bpt i='0' x='0'>&lt;a0&gt;</bpt>variables exportées<ept i='0'>&lt;/a0&gt;</ept> ou de <bpt i='1' x='1'>&lt;a1&gt;</bpt>noms de macro<ept i='1'>&lt;/a1&gt;</ept>.</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg><bpt i='0' x='0'>&lt;s0&gt;</bpt>Value<ept i='0'>&lt;/s0&gt;</ept>: application logout <bpt i='1' x='1'>&lt;a1&gt;</bpt>URL<ept i='1'>&lt;/a1&gt;</ept></seg>
@ -26084,14 +25968,6 @@ Display<bpt i='14' x='14'>&lt;s14&gt;</bpt>-<ept i='14'>&lt;/s14&gt;</ept>Name <
<seg>https://metacpan.org/module/Web::ID::Certificate::Generator</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>For example, a <bpt i='0' x='0'>&lt;a0&gt;</bpt>LL::NG<ept i='0'>&lt;/a0&gt;</ept> server can be:</seg>
</tuv>
<tuv xml:lang="FR-FR" changedate="20120225T183527Z" changeid="xavier">
<seg>Par exemple, un serveur <bpt i='0' x='0'>&lt;a0&gt;</bpt>LL::NG<ept i='0'>&lt;/a0&gt;</ept> peut être :</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>http://zimbra.example.com/zimbrasso</seg>
@ -26740,14 +26616,6 @@ WithPeak[test.example.com]: wmy</seg>
<seg>Il est désormais possible d'utiliser le manager pour configurer toutes les <bpt i='0' x='0'>&lt;a0&gt;</bpt>applications et catégories<ept i='0'>&lt;/a0&gt;</ept>, ensuite commenter ou supprimer le paramètre <bpt i='1' x='1'>&lt;c1&gt;</bpt>applicationList<ept i='1'>&lt;/c1&gt;</ept> de <bpt i='2' x='2'>&lt;c2&gt;</bpt>/etc/lemonldap-ng/lemonldap-ng.ini<ept i='2'>&lt;/c2&gt;</ept>.</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>An <bpt i='0' x='0'>&lt;a0&gt;</bpt>OpenID server<ept i='0'>&lt;/a0&gt;</ept> with <bpt i='1' x='1'>&lt;a1&gt;</bpt>CAS authentication<ept i='1'>&lt;/a1&gt;</ept></seg>
</tuv>
<tuv xml:lang="FR-FR" changedate="20120225T183618Z" changeid="xavier">
<seg>Un <bpt i='0' x='0'>&lt;a0&gt;</bpt>serveur OpenID<ept i='0'>&lt;/a0&gt;</ept> avec une <bpt i='1' x='1'>&lt;a1&gt;</bpt>authentification CAS<ept i='1'>&lt;/a1&gt;</ept></seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg><bpt i='0' x='0'>&lt;s0&gt;</bpt>Friendly Name<ept i='0'>&lt;/s0&gt;</ept>: optional, <bpt i='1' x='1'>&lt;a1&gt;</bpt>SAML<ept i='1'>&lt;/a1&gt;</ept> attribute friendly name.</seg>
@ -27528,14 +27396,6 @@ WithPeak[test.example.com]: wmy</seg>
<seg><bpt i='0' x='0'>&lt;s0&gt;</bpt>Fournisseurs d'identité <bpt i='1' x='1'>&lt;a1&gt;</bpt>SAML<ept i='1'>&lt;/a1&gt;</ept><ept i='0'>&lt;/s0&gt;</ept> : IDP enregistrés</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>https://auth.example.com/</seg>
</tuv>
<tuv xml:lang="FR-FR" changedate="20121005T040334Z" changeid="xavier">
<seg>https://auth.example.com/</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>Some applications using it</seg>
@ -27872,14 +27732,6 @@ WithPeak[test.example.com]: wmy</seg>
<seg>Le portail</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg><bpt i='0' x='0'>&lt;s0&gt;</bpt>absolute <bpt i='1' x='1'>&lt;a1&gt;</bpt>URL<ept i='1'>&lt;/a1&gt;</ept><ept i='0'>&lt;/s0&gt;</ept> if it is run by handler (e.g. /admin/index.php?param=foo).</seg>
</tuv>
<tuv xml:lang="FR-FR" changedate="20121005T040520Z" changeid="xavier">
<seg><bpt i='0' x='0'>&lt;s0&gt;</bpt>l'<bpt i='1' x='1'>&lt;a1&gt;</bpt>URL<ept i='1'>&lt;/a1&gt;</ept> absolue<ept i='0'>&lt;/s0&gt;</ept> si elle est appelée par un agent (e.g. /admin/index.php?param=foo).</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>Any OpenID consumer</seg>
@ -28056,14 +27908,6 @@ WithPeak[test.example.com]: wmy</seg>
<seg><bpt i='0' x='0'>&lt;s0&gt;</bpt>Type de compte<ept i='0'>&lt;/s0&gt;</ept> : pour Zimbra, ce peut être name, id ou foreignKey (par défaut : id)</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg><bpt i='5' x='5'>&lt;s5&gt;</bpt>my<ept i='5'>&lt;/s5&gt;</ept> <bpt i='6' x='6'>&lt;s6&gt;</bpt>$url<ept i='6'>&lt;/s6&gt;</ept> <bpt i='7' x='7'>&lt;s7&gt;</bpt>=<ept i='7'>&lt;/s7&gt;</ept> <bpt i='8' x='8'>&lt;a8&gt;</bpt><bpt i='9' x='9'>&lt;s9&gt;</bpt>shift<ept i='9'>&lt;/s9&gt;</ept><ept i='8'>&lt;/a8&gt;</ept><bpt i='10' x='10'>&lt;s10&gt;</bpt>;<ept i='10'>&lt;/s10&gt;</ept></seg>
</tuv>
<tuv xml:lang="FR-FR" changedate="20121005T040210Z" changeid="xavier">
<seg><bpt i='5' x='5'>&lt;s5&gt;</bpt>my<ept i='5'>&lt;/s5&gt;</ept> <bpt i='6' x='6'>&lt;s6&gt;</bpt>$url<ept i='6'>&lt;/s6&gt;</ept> <bpt i='7' x='7'>&lt;s7&gt;</bpt>=<ept i='7'>&lt;/s7&gt;</ept> <bpt i='8' x='8'>&lt;a8&gt;</bpt><bpt i='9' x='9'>&lt;s9&gt;</bpt>shift<ept i='9'>&lt;/s9&gt;</ept><ept i='8'>&lt;/a8&gt;</ept><bpt i='10' x='10'>&lt;s10&gt;</bpt>;<ept i='10'>&lt;/s10&gt;</ept></seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>Register partner Service Provider on LemonLDAP::NG</seg>
@ -30370,14 +30214,6 @@ CUSTOM_FUNCTIONS_FILE=/root/SSOExtensions.pm</seg>
<seg>http://www.mediawiki.org/wiki/Extension:AutomaticREMOTE_USER</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>updateTime</seg>
</tuv>
<tuv xml:lang="FR-FR" changedate="20131025T084357Z" changeid="xavier">
<seg>updateTime</seg>
</tuv>
</tu>
<tu>
<tuv xml:lang="EN-US">
<seg>You have to set its value in Manager.</seg>

164
omegat.files/fr/fr-omegat.tmx
View File

@ -3064,14 +3064,6 @@ ignoreregex =</seg>
<seg>&lt;s0&gt;manager&lt;/s0&gt; : paramètres réservés aux agents</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>appsListOrder</seg>
</tuv>
<tuv lang="FR-FR" changedate="20131025T131733Z" changeid="xavier">
<seg>appsListOrder</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Protect only the administration pages</seg>
@ -9902,14 +9894,6 @@ openssl x509 -req -days 3650 -in cert.csr -signkey lemonldap-ng-priv.key -out ce
<seg>mysuperpassword</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Custom-Header =&gt; function1($uid)</seg>
</tuv>
<tuv lang="FR-FR" changedate="20120225T112334Z" changeid="xavier">
<seg>Custom-Header =&gt; function1($uid)</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Unoptimized for &lt;a0&gt;session explorer&lt;/a0&gt; and &lt;a1&gt;single session&lt;/a1&gt; features.</seg>
@ -11178,14 +11162,6 @@ openssl x509 -req -days 3650 -in cert.csr -signkey lemonldap-ng-priv.key -out ce
<seg>La base de donnée doit être préparée exactement comme celle du &lt;a0&gt;backend de session SQL&lt;/a0&gt; si ce n'est qu'un champ doit être ajouté pour chaque donnée à indexer.</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>An &lt;a0&gt;SAML server&lt;/a0&gt; with &lt;a1&gt;OpenID authentication&lt;/a1&gt;</seg>
</tuv>
<tuv lang="FR-FR" changedate="20120225T183642Z" changeid="xavier">
<seg>Un &lt;a0&gt;serveur SAML&lt;/a0&gt; avec une &lt;a1&gt;authentification OpenID&lt;/a1&gt;</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>If this regex matches, the line is ignored.</seg>
@ -11550,14 +11526,6 @@ openssl x509 -req -days 3650 -in cert.csr -signkey lemonldap-ng-priv.key -out ce
<seg>Performances d'Apache::Session</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>startTime</seg>
</tuv>
<tuv lang="FR-FR" changedate="20131025T084339Z" changeid="xavier">
<seg>startTime</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>&lt;s148&gt;//&quot;userobm_vacation_enable&quot; =&gt; ,&lt;/s148&gt;</seg>
@ -12662,14 +12630,6 @@ openssl x509 -req -days 3650 -in cert.csr -signkey lemonldap-ng-priv.key -out ce
<seg># Appe interne au serveur FastCGI</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>dn</seg>
</tuv>
<tuv lang="FR-FR" changedate="20131025T131521Z" changeid="xavier">
<seg>dn</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>language</seg>
@ -14226,14 +14186,6 @@ cp lemonldapuserdatabackend.class.php inc/auth/</seg>
<seg>On peut changer les paramètres par défaut en utilisant les paramètres “notificationStorage” et “notificationStorageOptions” avec la même syntaxe que les paramètres de stockage de la configuration.</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>&lt;s0&gt;portal full &lt;a1&gt;URL&lt;/a1&gt;&lt;/s0&gt; if custom function is run by portal (e.g. &lt;a2&gt;https://auth.example.com/&lt;/a2&gt;)</seg>
</tuv>
<tuv lang="FR-FR" changedate="20121005T040429Z" changeid="xavier">
<seg>&lt;s0&gt;l'&lt;a1&gt;URL&lt;/a1&gt; complète du portail&lt;/s0&gt; si la fonction personnalisée est appelée par le portail (i.e. &lt;a2&gt;https://auth.example.com/&lt;/a2&gt;)</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Be careful with URL parameters</seg>
@ -16564,14 +16516,6 @@ createuser lemonldap-ng -P</seg>
<seg>MySQL</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>loginHistory</seg>
</tuv>
<tuv lang="FR-FR" changedate="20131025T131424Z" changeid="xavier">
<seg>loginHistory</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Status module can not be loaded without localStorage parameter</seg>
@ -17086,14 +17030,6 @@ createuser lemonldap-ng -P</seg>
<seg>Module du cache local</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>A &lt;a0&gt;CAS server&lt;/a0&gt; with &lt;a1&gt;SAML authentication&lt;/a1&gt;</seg>
</tuv>
<tuv lang="FR-FR" changedate="20120225T183551Z" changeid="xavier">
<seg>Un &lt;a0&gt; serveur CAS&lt;/a0&gt; avec une &lt;a1&gt;authentification SAML&lt;/a1&gt;</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Drivers</seg>
@ -18910,14 +18846,6 @@ createuser lemonldap-ng -P</seg>
<seg>wget https://sourcesup.cru.fr/frs/download.php/2476/AuthCAS-1.4.tar.gz</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>A &lt;a0&gt;Apache::Session::Browseable::Redis&lt;/a0&gt; has been created, it is the faster (except for session explorer, defeated by Apache::Session::Browseable::&lt;a1&gt;DBI&lt;/a1&gt;/&lt;a2&gt;LDAP&lt;/a2&gt; &gt;= 1.0)</seg>
</tuv>
<tuv lang="FR-FR" changedate="20131025T082105Z" changeid="xavier">
<seg>Un module &lt;a0&gt;Apache::Session::Browseable::Redis&lt;/a0&gt; a été créé, c'est le plus rapide (excepté pour l'explorateur de sessions, battu par Apache::Session::Browseable::&lt;a1&gt;DBI&lt;/a1&gt;/&lt;a2&gt;LDAP&lt;/a2&gt; &gt;= 1.0)</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Mail charset</seg>
@ -19926,14 +19854,6 @@ Le nouveau rôle est-il un super-utilisateur ?</seg>
<seg>&lt;s0&gt;SSLCACertificateFile&lt;/s0&gt; : certificat d'autorité pour valider les certificats clients</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>First parameter passed to the custom function is the requested &lt;a0&gt;URL&lt;/a0&gt;, that is</seg>
</tuv>
<tuv lang="FR-FR" changedate="20121005T040332Z" changeid="xavier">
<seg>Le premier paramètre passé à la fonction personnalisée est l'&lt;a0&gt;URL&lt;/a0&gt; demandée, c'est à dire</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>'cache_depth' =&gt; 5,?</seg>
@ -21416,14 +21336,6 @@ a2ensite test-apache2.conf</seg>
<seg>La requête de déconnexion est envoyée même si l'utilisateur ne s'est pas connecté à l'application.</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>http://perldoc.perl.org/functions/shift.html</seg>
</tuv>
<tuv lang="FR-FR" changedate="20120225T111855Z" changeid="xavier">
<seg>http://perldoc.perl.org/functions/shift.html</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Role</seg>
@ -22074,16 +21986,6 @@ a2ensite test-apache2.conf</seg>
<seg>_lassoIdentityDump</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>&lt;s11&gt;my&lt;/s11&gt; &lt;s12&gt;$param&lt;/s12&gt; &lt;s13&gt;=&lt;/s13&gt; &lt;a14&gt;&lt;s15&gt;shift&lt;/s15&gt;&lt;/a14&gt;&lt;s16&gt;;&lt;/s16&gt;
 </seg>
</tuv>
<tuv lang="FR-FR" changedate="20120225T111905Z" changeid="xavier">
<seg>&lt;s11&gt;my&lt;/s11&gt; &lt;s12&gt;$param&lt;/s12&gt; &lt;s13&gt;=&lt;/s13&gt; &lt;a14&gt;&lt;s15&gt;shift&lt;/s15&gt;&lt;/a14&gt;&lt;s16&gt;;&lt;/s16&gt;
 </seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Self service reset (send a mail to the user with a to change the password)</seg>
@ -25390,16 +25292,6 @@ a2ensite test-apache2.conf</seg>
<seg># Conserver la requête originale (le serveur LLNG va recevoir /llauth)</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>&lt;s17&gt;# Your nice code here&lt;/s17&gt;
 </seg>
</tuv>
<tuv lang="FR-FR" changedate="20120225T111922Z" changeid="xavier">
<seg>&lt;s17&gt;# Le joli code ici :&lt;/s17&gt;
 </seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Index list</seg>
@ -26028,14 +25920,6 @@ Display&lt;s14&gt;-&lt;/s14&gt;Name &lt;s15&gt;-&gt;&lt;/s15&gt; &lt;s16&gt;$dis
<seg># SI LUA EST SUPPORTÉ</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Note that variables designed by $xx correspond to the name of the &lt;a0&gt;exported variables&lt;/a0&gt; or &lt;a1&gt;macro names&lt;/a1&gt;.</seg>
</tuv>
<tuv lang="FR-FR" changedate="20120506T055253Z" changeid="xavier">
<seg>Noter que les variables designées par $xx correspondent au nom de &lt;a0&gt;variables exportées&lt;/a0&gt; ou de &lt;a1&gt;noms de macro&lt;/a1&gt;.</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>&lt;s0&gt;Value&lt;/s0&gt;: application logout &lt;a1&gt;URL&lt;/a1&gt;</seg>
@ -26084,14 +25968,6 @@ Display&lt;s14&gt;-&lt;/s14&gt;Name &lt;s15&gt;-&gt;&lt;/s15&gt; &lt;s16&gt;$dis
<seg>https://metacpan.org/module/Web::ID::Certificate::Generator</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>For example, a &lt;a0&gt;LL::NG&lt;/a0&gt; server can be:</seg>
</tuv>
<tuv lang="FR-FR" changedate="20120225T183527Z" changeid="xavier">
<seg>Par exemple, un serveur &lt;a0&gt;LL::NG&lt;/a0&gt; peut être :</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>http://zimbra.example.com/zimbrasso</seg>
@ -26740,14 +26616,6 @@ WithPeak[test.example.com]: wmy</seg>
<seg>Il est désormais possible d'utiliser le manager pour configurer toutes les &lt;a0&gt;applications et catégories&lt;/a0&gt;, ensuite commenter ou supprimer le paramètre &lt;c1&gt;applicationList&lt;/c1&gt; de &lt;c2&gt;/etc/lemonldap-ng/lemonldap-ng.ini&lt;/c2&gt;.</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>An &lt;a0&gt;OpenID server&lt;/a0&gt; with &lt;a1&gt;CAS authentication&lt;/a1&gt;</seg>
</tuv>
<tuv lang="FR-FR" changedate="20120225T183618Z" changeid="xavier">
<seg>Un &lt;a0&gt;serveur OpenID&lt;/a0&gt; avec une &lt;a1&gt;authentification CAS&lt;/a1&gt;</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>&lt;s0&gt;Friendly Name&lt;/s0&gt;: optional, &lt;a1&gt;SAML&lt;/a1&gt; attribute friendly name.</seg>
@ -27528,14 +27396,6 @@ WithPeak[test.example.com]: wmy</seg>
<seg>&lt;s0&gt;Fournisseurs d'identité &lt;a1&gt;SAML&lt;/a1&gt;&lt;/s0&gt; : IDP enregistrés</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>https://auth.example.com/</seg>
</tuv>
<tuv lang="FR-FR" changedate="20121005T040334Z" changeid="xavier">
<seg>https://auth.example.com/</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Some applications using it</seg>
@ -27872,14 +27732,6 @@ WithPeak[test.example.com]: wmy</seg>
<seg>Le portail</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>&lt;s0&gt;absolute &lt;a1&gt;URL&lt;/a1&gt;&lt;/s0&gt; if it is run by handler (e.g. /admin/index.php?param=foo).</seg>
</tuv>
<tuv lang="FR-FR" changedate="20121005T040520Z" changeid="xavier">
<seg>&lt;s0&gt;l'&lt;a1&gt;URL&lt;/a1&gt; absolue&lt;/s0&gt; si elle est appelée par un agent (e.g. /admin/index.php?param=foo).</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Any OpenID consumer</seg>
@ -28056,14 +27908,6 @@ WithPeak[test.example.com]: wmy</seg>
<seg>&lt;s0&gt;Type de compte&lt;/s0&gt; : pour Zimbra, ce peut être name, id ou foreignKey (par défaut : id)</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>&lt;s5&gt;my&lt;/s5&gt; &lt;s6&gt;$url&lt;/s6&gt; &lt;s7&gt;=&lt;/s7&gt; &lt;a8&gt;&lt;s9&gt;shift&lt;/s9&gt;&lt;/a8&gt;&lt;s10&gt;;&lt;/s10&gt;</seg>
</tuv>
<tuv lang="FR-FR" changedate="20121005T040210Z" changeid="xavier">
<seg>&lt;s5&gt;my&lt;/s5&gt; &lt;s6&gt;$url&lt;/s6&gt; &lt;s7&gt;=&lt;/s7&gt; &lt;a8&gt;&lt;s9&gt;shift&lt;/s9&gt;&lt;/a8&gt;&lt;s10&gt;;&lt;/s10&gt;</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>Register partner Service Provider on LemonLDAP::NG</seg>
@ -30370,14 +30214,6 @@ CUSTOM_FUNCTIONS_FILE=/root/SSOExtensions.pm</seg>
<seg>http://www.mediawiki.org/wiki/Extension:AutomaticREMOTE_USER</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>updateTime</seg>
</tuv>
<tuv lang="FR-FR" changedate="20131025T084357Z" changeid="xavier">
<seg>updateTime</seg>
</tuv>
</tu>
<tu>
<tuv lang="EN-US">
<seg>You have to set its value in Manager.</seg>

33
omegat.files/fr/omegat/project_stats.txt
View File

@ -1,11 +1,11 @@
14/03/17 17:18
30/03/17 07:05
Données du projet
Segments Mots Caractères (sans espaces) Caractères (avec espaces)
Total : 15534 67763 472674 515687
Restants : 7777 28169 230834 243669
Segments uniques : 7504 48901 316687 354406
Segments uniques restants : 3415 17804 135751 147177
Total : 15639 68435 476795 520349
Restants : 7898 28969 235702 249175
Segments uniques : 7567 49490 320037 358280
Segments uniques restants : 3498 18523 139850 151900
Statistiques par fichiers :
@ -62,7 +62,7 @@ pages/documentation/current/authad.html
pages/documentation/current/authapache.html 77 24 36 13 340 50 257 25 2318 441 1613 235 2526 447 1809 239
pages/documentation/current/authcas.html 87 19 41 9 405 58 297 32 2675 479 1739 252 2942 495 1966 266
pages/documentation/current/authchoice.html 55 13 30 5 252 37 210 17 1588 316 1228 146 1767 323 1401 153
pages/documentation/current/authcombination.html 164 116 107 95 808 658 690 613 4722 3705 3751 3328 5344 4226 4328 3841
pages/documentation/current/authcombination.html 180 131 120 108 952 801 827 750 5563 4538 4545 4122 6311 5185 5244 4757
pages/documentation/current/authcustom.html 26 16 10 10 107 99 83 83 689 619 490 490 756 686 557 557
pages/documentation/current/authdbi.html 156 26 85 16 507 57 398 33 3385 492 2461 290 3687 503 2747 299
pages/documentation/current/authdemo.html 50 12 22 4 186 39 141 19 1165 304 803 130 1277 314 911 140
@ -92,8 +92,8 @@ pages/documentation/current/changeconfbackend.html
pages/documentation/current/configapache.html 34 19 25 13 194 65 173 49 1284 470 1125 339 1390 501 1231 370
pages/documentation/current/configlocation.html 479 204 358 128 2366 666 2069 507 16459 6024 14024 4469 18293 6409 15700 4784
pages/documentation/current/confignginx.html 46 32 24 17 261 194 205 149 1930 1531 1531 1196 2056 1613 1642 1263
pages/documentation/current/configvhost.html 245 143 105 58 979 403 597 199 7793 4343 4207 2031 8490 4557 4639 2125
pages/documentation/current/customfunctions.html 76 30 45 15 381 88 300 52 2765 893 2086 527 3006 919 2303 551
pages/documentation/current/configvhost.html 247 145 107 60 985 409 603 205 7882 4432 4296 2120 8583 4650 4732 2218
pages/documentation/current/customfunctions.html 65 33 39 18 319 99 253 63 2366 973 1822 607 2568 1012 2006 644
pages/documentation/current/customhandlers.html 58 54 42 42 430 419 380 380 2693 2586 2349 2349 2980 2873 2619 2619
pages/documentation/current/devopshandler.html 76 70 39 39 325 305 242 242 2255 2132 1480 1480 2467 2328 1650 1650
pages/documentation/current/docker.html 33 19 19 10 166 80 131 53 1243 711 927 468 1319 733 1003 490
@ -120,10 +120,11 @@ pages/documentation/current/documentation/remote-principle.png_documentation_2.0
pages/documentation/current/documentation/status_standard.png_documentation_2.0_status.html 38 34 11 10 85 79 26 24 755 705 291 258 764 714 297 264
pages/documentation/current/error.html 78 17 63 10 517 53 477 34 2942 417 2655 278 3353 436 3060 295
pages/documentation/current/exportedvars.html 73 36 48 21 446 106 394 71 2670 907 2216 551 3035 969 2576 613
pages/documentation/current/extendedfunctions.html 206 89 113 36 926 251 702 141 6034 2194 4118 1020 6664 2293 4670 1108
pages/documentation/current/extendedfunctions.html 222 104 118 41 968 291 726 165 6328 2472 4237 1139 6979 2591 4806 1244
pages/documentation/current/external2f.html 29 25 20 19 220 215 200 199 1222 1184 1065 1055 1396 1358 1239 1229
pages/documentation/current/fastcgi.html 30 9 18 3 161 23 132 7 973 188 757 62 1064 188 848 62
pages/documentation/current/fastcgiserver.html 40 16 23 6 239 36 204 12 1509 344 1222 134 1673 346 1381 134
pages/documentation/current/federationproxy.html 44 25 16 4 151 57 89 9 1151 580 584 114 1220 580 648 114
pages/documentation/current/federationproxy.html 43 28 19 11 180 106 120 66 1387 901 816 479 1490 950 908 528
pages/documentation/current/fileconfbackend.html 22 11 9 1 95 27 67 3 688 273 420 33 742 273 474 33
pages/documentation/current/filesessionbackend.html 36 11 19 3 181 27 145 7 1224 291 909 95 1319 291 1003 95
pages/documentation/current/formreplay.html 78 21 44 10 594 50 509 23 3225 510 2546 260 3704 517 2994 267
@ -168,12 +169,12 @@ pages/documentation/current/mrtg.html
pages/documentation/current/mysqlminihowto.html 34 19 13 6 131 44 73 13 1029 526 525 179 1089 526 569 179
pages/documentation/current/nodehandler.html 16 14 7 7 51 48 28 28 429 414 228 228 443 428 242 242
pages/documentation/current/nosqlsessionbackend.html 37 11 8 1 163 27 63 3 1223 295 419 37 1291 295 463 37
pages/documentation/current/notifications.html 190 69 129 50 1396 389 1240 343 8638 2661 7393 2226 9674 2909 8370 2465
pages/documentation/current/notifications.html 190 69 128 50 1396 389 1239 343 8638 2661 7383 2226 9674 2909 8360 2465
pages/documentation/current/openidconnectclaims.html 80 45 4 4 102 61 10 10 813 577 117 117 820 579 119 119
pages/documentation/current/openidconnectservice.html 108 83 61 58 539 494 437 433 3487 3138 2632 2591 3856 3494 2978 2936
pages/documentation/current/parameterlist.html 678 62 376 44 1080 209 861 169 8657 1429 6535 987 9223 1551 7006 1109
pages/documentation/current/passwordstore.html 38 16 14 2 186 36 142 4 1111 323 724 37 1242 325 853 37
pages/documentation/current/performances.html 173 66 100 38 1314 381 942 306 8341 2724 5893 2172 9321 3002 6631 2401
pages/documentation/current/performances.html 176 70 103 42 1362 453 990 378 8594 3119 6146 2567 9622 3462 6932 2861
pages/documentation/current/portal.html 113 62 46 11 454 158 310 47 3254 1562 1822 365 3516 1588 2075 391
pages/documentation/current/portalcustom.html 135 67 96 52 917 440 825 407 5086 2575 4382 2286 5836 2909 5094 2616
pages/documentation/current/portalmenu.html 50 16 32 6 294 81 254 57 1855 589 1503 372 2069 636 1714 419
@ -200,9 +201,9 @@ pages/documentation/current/soapsessionbackend.html
pages/documentation/current/sqlconfbackend.html 69 32 44 20 319 122 258 92 2082 915 1574 639 2299 976 1776 695
pages/documentation/current/sqlsessionbackend.html 119 29 52 11 557 104 334 59 3751 747 2054 338 4057 800 2292 384
pages/documentation/current/ssocookie.html 60 17 32 4 436 67 364 36 2393 502 1871 238 2740 530 2195 266
pages/documentation/current/start.html 648 377 146 84 1505 926 640 319 13172 9255 4393 2469 13695 9426 4797 2622
pages/documentation/current/start.html 653 380 146 84 1512 933 640 319 13237 9318 4393 2469 13762 9491 4797 2622
pages/documentation/current/status.html 62 21 30 7 312 71 248 41 2008 539 1486 300 2182 565 1654 324
pages/documentation/current/u2f.html 53 45 28 28 305 290 245 245 1935 1812 1439 1439 2145 2016 1639 1639
pages/documentation/current/upgrade.html 130 116 61 61 640 614 481 481 4195 3969 2706 2706 4634 4403 3108 3108
pages/documentation/current/variables.html 174 48 96 26 524 131 401 85 3333 985 2353 577 3658 1044 2653 632
pages/documentation/current/writingrulesand_headers.html 125 47 66 19 616 244 496 181 4012 1832 2878 1112 4445 1989 3288 1266
pages/documentation/current/upgrade.html 132 118 62 62 648 622 488 488 4222 3996 2727 2727 4667 4436 3135 3135
pages/documentation/current/variables.html 174 53 96 31 524 136 401 90 3315 1013 2335 605 3640 1072 2635 660
pages/documentation/current/writingrulesand_headers.html 169 91 89 43 846 488 680 382 5523 3402 3947 2265 6121 3738 4515 2593

2
po-doc/fr/pages/documentation/current/applications.html
View File

@ -11,7 +11,7 @@
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="applications.html"/>

2
po-doc/fr/pages/documentation/current/applications/adfs.html
View File

@ -11,7 +11,7 @@
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,applications,adfs"/>
<link rel="search" type="application/opensearchdescription+xml" href="../lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="adfs.html"/>

4
po-doc/fr/pages/documentation/current/applications/img/icons.png
View File

@ -90,7 +90,7 @@
<form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
<ul class="nav navbar-nav">
<li><a href="/documentation/2.0/applications/img/icons.png?do=login&amp;sectok=378132ea54accc5c67c7c9ceda71bf59" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
<li><a href="/documentation/2.0/applications/img/icons.png?do=login&amp;sectok=62a29c35a267f658799e362598e991b4" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
</div>
@ -204,7 +204,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
</div><!-- /site -->
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aicons.png&amp;1489508242" width="2" height="1" alt="" /></div>
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aicons.png&amp;1490850178" width="2" height="1" alt="" /></div>
<div id="screen__mode" class="no">
<span class="visible-xs"></span>
<span class="visible-sm"></span>

4
po-doc/fr/pages/documentation/current/applications/img/loader.gif
View File

@ -90,7 +90,7 @@
<form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
<ul class="nav navbar-nav">
<li><a href="/documentation/2.0/applications/img/loader.gif?do=login&amp;sectok=378132ea54accc5c67c7c9ceda71bf59" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
<li><a href="/documentation/2.0/applications/img/loader.gif?do=login&amp;sectok=62a29c35a267f658799e362598e991b4" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
</div>
@ -204,7 +204,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
</div><!-- /site -->
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aloader.gif&amp;1489508242" width="2" height="1" alt="" /></div>
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Aapplications%3Aimg%3Aloader.gif&amp;1490850178" width="2" height="1" alt="" /></div>
<div id="screen__mode" class="no">
<span class="visible-xs"></span>
<span class="visible-sm"></span>

64
po-doc/fr/pages/documentation/current/authcombination.html
View File

@ -11,7 +11,7 @@
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,authcombination"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authcombination.html"/>
@ -61,6 +61,8 @@
<li class="level3"><div class="li"><a href="#let_s_be_crazy">Let's be crazy</a></div></li>
</ul>
</li>
<li class="level2"><div class="li"><a href="#combine_second_factor">Combine second factor</a></div></li>
<li class="level2"><div class="li"><a href="#display_multiple_forms">Display multiple forms</a></div></li>
</ul>
</li>
<li class="level1"><div class="li"><a href="#known_problems">Problèmes connus</a></div>
@ -291,19 +293,59 @@ The following rule is valid:
</div><!-- EDIT7 SECTION "Rule chain" [1304-3610] -->
<h2 class="sectionedit11" id="known_problems">Problèmes connus</h2>
<h3 class="sectionedit11" id="combine_second_factor">Combine second factor</h3>
<div class="level3">
<p>
Imagine you want to authenticate users either by SSL or LDAP+U2F, you can't directly write this rule: this is done in 2 steps:
</p>
<ul>
<li class="level1"><div class="li"> use this combination rule: <code>[SSL,LDAP] or [LDAP]</code></div>
</li>
<li class="level1"><div class="li"> enable U2F with this rule: <code>$_auth eq “LDAP”</code> or <code>$_authenticationLevel &lt; 4</code> <em>(and adapt U2F authentication level)</em></div>
</li>
</ul>
<p>
Now if you want to authenticate users either by LDAP or LDAP+U2F <em>(to have 2 different authentication level)</em>, 2 possibilities:
</p>
<ul>
<li class="level1"><div class="li"> configure 2 portals and overwrite U2F activation in the second</div>
</li>
<li class="level1"><div class="li"> Modify login template to propose the choice <em>(add a “submit” button that points to the second portal)</em></div>
</li>
</ul>
</div><!-- EDIT11 SECTION "Combine second factor" [3611-4260] -->
<h3 class="sectionedit12" id="display_multiple_forms">Display multiple forms</h3>
<div class="level3">
<p>
Combination module returns the form corresponding to the first authentication scheme available for the current request. You can force it to display the forms chosen using <code>combinationForms</code> in lemonldap-ng.ini. Exemple :
</p>
<pre class="code :ini"><span class="re0"><span class="br0">[</span>portal<span class="br0">]</span></span>
<span class="re1">combinationForms</span> <span class="sy0">=</span><span class="re2"> standardform, openidform</span></pre>
</div><!-- EDIT12 SECTION "Display multiple forms" [4261-4589] -->
<h2 class="sectionedit13" id="known_problems">Problèmes connus</h2>
<div class="level2">
</div><!-- EDIT11 SECTION "Known problems" [3611-3638] -->
</div><!-- EDIT13 SECTION "Known problems" [4590-4617] -->
<h3 class="sectionedit12" id="federation_protocols">Federation protocols</h3>
<h3 class="sectionedit14" id="federation_protocols">Federation protocols</h3>
<div class="level3">
<p>
<a href="authsaml.html" class="wikilink1" title="documentation:2.0:authsaml">SAML</a>, <a href="authopenidconnect.html" class="wikilink1" title="documentation:2.0:authopenidconnect">OpenID-Connect</a>, <a href="authcas.html" class="wikilink1" title="documentation:2.0:authcas">CAS</a> or <a href="authopenid.html" class="wikilink1" title="documentation:2.0:authopenid">old OpenID</a> can't be chained with a “and” for authentication part. So “[<abbr title="Security Assertion Markup Language">SAML</abbr>] and [LDAP]” isn't valid. This is because their authentication kinematic don't use the same steps.
</p>
<div class="table sectionedit13"><table class="inline table table-bordered table-striped">
<div class="table sectionedit15"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> Bad expression </th><th class="col1 centeralign"> Solution </th><th class="col2 centeralign"> Explanation </th>
@ -315,11 +357,11 @@ The following rule is valid:
<tr class="row2 roweven">
<td class="col0"> <em><code>[<abbr title="Security Assertion Markup Language">SAML</abbr>] and [LDAP] or [LDAP]</code></em> </td><td class="col1"> <code>[<abbr title="Security Assertion Markup Language">SAML</abbr>, <abbr title="Security Assertion Markup Language">SAML</abbr> and LDAP] or [LDAP]</code> </td><td class="col2"> Authentication is done by <abbr title="Security Assertion Markup Language">SAML</abbr> or LDAP but user must match an LDAP entry </td>
</tr>
</table></div><!-- EDIT13 TABLE [3938-4270] -->
</table></div><!-- EDIT15 TABLE [4917-5249] -->
</div><!-- EDIT12 SECTION "Federation protocols" [3639-4271] -->
</div><!-- EDIT14 SECTION "Federation protocols" [4618-5250] -->
<h3 class="sectionedit14" id="authapache_authentication">Authentification AuthApache</h3>
<h3 class="sectionedit16" id="authapache_authentication">Authentification AuthApache</h3>
<div class="level3">
<p>
@ -335,16 +377,16 @@ Example: <code>[ Apache and LDAP, LDAP ]</code>
Pour outrepasser ceci, suivre la documentation du <a href="authapache.html" class="wikilink1" title="documentation:2.0:authapache">module AuthApache</a>
</p>
</div><!-- EDIT14 SECTION "AuthApache authentication" [4272-4688] -->
</div><!-- EDIT16 SECTION "AuthApache authentication" [5251-5667] -->
<h3 class="sectionedit15" id="ssl_authentication">Authentification SSL</h3>
<h3 class="sectionedit17" id="ssl_authentication">Authentification SSL</h3>
<div class="level3">
<p>
Pour chaîner SSL, il est nécessaire de mettre “SSLRequire optional” dans le fichier de configuration Apache, sinon les utilisateurs ne seront authentifiés que par SSL.
</p>
</div><!-- EDIT15 SECTION "SSL authentication" [4689-] -->
</div><!-- EDIT17 SECTION "SSL authentication" [5668-] -->
</div>
</body>
</html>

2
po-doc/fr/pages/documentation/current/authopenidconnect.html
View File

@ -11,7 +11,7 @@
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authopenidconnect"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authopenidconnect.html"/>

2
po-doc/fr/pages/documentation/current/authpam.html
View File

@ -11,7 +11,7 @@
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,authpam"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="authpam.html"/>

16
po-doc/fr/pages/documentation/current/configvhost.html
View File

@ -219,6 +219,8 @@ Then you can take any virtual host and modify it:
auth_request /lmauth;
auth_request_set $lmremote_user $upstream_http_lm_remote_user;
auth_request_set $lmlocation $upstream_http_location;
auth_request_set $cookie_value $upstream_http_set_cookie;
add_header Set-Cookie $cookie_value;
error_page 401 $lmlocation;
try_files $uri $uri/ =404;
&nbsp;
@ -252,7 +254,7 @@ Then you can take any virtual host and modify it:
#fastcgi_param REMOTE_USER $lmremote_user;
}</pre>
</div><!-- EDIT6 SECTION "Nginx configuration" [3049-4833] -->
</div><!-- EDIT6 SECTION "Nginx configuration" [3049-4936] -->
<h3 class="sectionedit7" id="hosted_application1">Application hébergée</h3>
<div class="level3">
@ -311,7 +313,7 @@ server {
}
}</pre>
</div><!-- EDIT7 SECTION "Hosted application" [4834-6463] -->
</div><!-- EDIT7 SECTION "Hosted application" [4937-6566] -->
<h3 class="sectionedit8" id="reverse_proxy1">Proxy inverse</h3>
<div class="level3">
@ -362,7 +364,7 @@ server {
}
}</pre>
</div><!-- EDIT8 SECTION "Reverse proxy" [6464-7758] -->
</div><!-- EDIT8 SECTION "Reverse proxy" [6567-7861] -->
<h2 class="sectionedit9" id="lemonldapng_configuration">Configuration de LemonLDAP::NG</h2>
<div class="level2">
@ -389,7 +391,7 @@ Un hôte vituel contient :
</li>
</ul>
</div><!-- EDIT9 SECTION "LemonLDAP::NG configuration" [7759-8246] -->
</div><!-- EDIT9 SECTION "LemonLDAP::NG configuration" [7862-8349] -->
<h3 class="sectionedit10" id="access_rules_and_http_headers">Règles d'accès et en-têtes HTTP</h3>
<div class="level3">
@ -398,7 +400,7 @@ Un hôte vituel contient :
Voir <strong><a href="writingrulesand_headers.html" class="wikilink1" title="documentation:2.0:writingrulesand_headers">Écrire des règles et des en-têtes</a></strong> pour savoir comment configurer le contrôle d'accès et les en-têtes HTTP transmis à l'application par <abbr title="LemonLDAP::NG">LL::NG</abbr>.
</p>
</div><!-- EDIT10 SECTION "Access rules and HTTP headers" [8247-8439] -->
</div><!-- EDIT10 SECTION "Access rules and HTTP headers" [8350-8542] -->
<h3 class="sectionedit11" id="post_data">Données POST</h3>
<div class="level3">
@ -407,7 +409,7 @@ Voir <strong><a href="writingrulesand_headers.html" class="wikilink1" title="doc
Voir <strong><a href="formreplay.html" class="wikilink1" title="documentation:2.0:formreplay">Rejeu des formulaires</a></strong> pour savoir comment configurer le rejeu des formulaires pour poster des données à une applications protégée.
</p>
</div><!-- EDIT11 SECTION "POST data" [8440-8574] -->
</div><!-- EDIT11 SECTION "POST data" [8543-8677] -->
<h3 class="sectionedit12" id="options">Options</h3>
<div class="level3">
@ -428,7 +430,7 @@ Quelques options sont disponibles :
Ces options sont utilisées dans la construction des <abbr title="Uniform Resource Locator">URL</abbr> de redirection (lorsque l'utilisateur n'est pas connecté ou pour les requêtes <abbr title="Authentification inter-domaines">CDA</abbr>). Sauf modification, les valeurs par défaut sont utilisées. Ces options ne sont à utiliser que pour surcharger les valeurs par défaut.
</p>
</div><!-- EDIT12 SECTION "Options" [8575-] -->
</div><!-- EDIT12 SECTION "Options" [8678-] -->
</div>
</body>
</html>

29
po-doc/fr/pages/documentation/current/customfunctions.html
View File

@ -11,7 +11,7 @@
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,customfunctions"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="customfunctions.html"/>
@ -89,29 +89,20 @@ Créer un module Perl avec des fonctions personnalisées. Le module peut être a
<pre class="code file perl"><a href="http://perldoc.perl.org/functions/package.html"><span class="kw3">package</span></a> SSOExtensions<span class="sy0">;</span>
&nbsp;
<span class="kw2">sub</span> function1 <span class="br0">{</span>
<span class="kw1">my</span> <span class="re0">$url</span> <span class="sy0">=</span> <a href="http://perldoc.perl.org/functions/shift.html"><span class="kw3">shift</span></a><span class="sy0">;</span>
<span class="kw1">my</span> <span class="re0">$param</span> <span class="sy0">=</span> <a href="http://perldoc.perl.org/functions/shift.html"><span class="kw3">shift</span></a><span class="sy0">;</span>
<span class="kw1">my</span> <span class="br0">(</span><span class="re0">@args</span><span class="br0">)</span> <span class="sy0">=</span> <span class="co5">@_</span><span class="sy0">;</span>
&nbsp;
<span class="co1"># Le joli code ici :</span>
&nbsp;
<a href="http://perldoc.perl.org/functions/return.html"><span class="kw3">return</span></a> <span class="re0">$param</span><span class="sy0">;</span>
<span class="co1"># Your nice code here</span>
<a href="http://perldoc.perl.org/functions/return.html"><span class="kw3">return</span></a> <span class="re0">$result</span><span class="sy0">;</span>
<span class="br0">}</span>
&nbsp;
<span class="nu0">1</span><span class="sy0">;</span></pre>
<div class="notetip">Le premier paramètre passé à la fonction personnalisée est l'<abbr title="Uniform Resource Locator">URL</abbr> demandée, c'est à dire<ul>
<li class="level1"><div class="li"> <strong>l'<abbr title="Uniform Resource Locator">URL</abbr> complète du portail</strong> si la fonction personnalisée est appelée par le portail (i.e. <a href="https://auth.example.com/" class="urlextern" title="https://auth.example.com/" rel="nofollow">https://auth.example.com/</a>)</div>
</li>
<li class="level1"><div class="li"> <strong>l'<abbr title="Uniform Resource Locator">URL</abbr> absolue</strong> si elle est appelée par un agent (e.g. /admin/index.php?param=foo).</div>
</li>
</ul>
</div>
</div><!-- EDIT2 SECTION "Write custom functions library" [220-844] -->
</div><!-- EDIT2 SECTION "Write custom functions library" [220-554] -->
<h2 class="sectionedit3" id="import_custom_functions_in_lemonldapng">Importer les fonctions personnalisées dans LemonLDAP::NG</h2>
<div class="level2">
</div><!-- EDIT3 SECTION "Import custom functions in LemonLDAP::NG" [845-898] -->
</div><!-- EDIT3 SECTION "Import custom functions in LemonLDAP::NG" [555-608] -->
<h3 class="sectionedit4" id="declare_module_in_handler_server">Declarer le module dans le serveur « handler »</h3>
<div class="level3">
@ -153,7 +144,7 @@ GROUP=www-data
# Fichier éventuel de fonctions personnalisées
CUSTOM_FUNCTIONS_FILE=/root/SSOExtensions.pm</pre>
</div><!-- EDIT4 SECTION "Declare module in handler server" [899-1833] -->
</div><!-- EDIT4 SECTION "Declare module in handler server" [609-1543] -->
<h3 class="sectionedit5" id="declare_custom_functions">Declarer les fonctions personnalisées</h3>
<div class="level3">
@ -164,7 +155,7 @@ Aller dans le manager, <code>Paramètres généraux</code> » <code>Paramètres
<pre class="code">SSOExtensions::function1</pre>
<div class="noteimportant">Si la fonction n'est pas compatible avec la <a href="safejail.html" class="wikilink1" title="documentation:2.0:safejail">cage saine</a>, il faut désactiver la mise en cage.
</div>
</div><!-- EDIT5 SECTION "Declare custom functions" [1834-2130] -->
</div><!-- EDIT5 SECTION "Declare custom functions" [1544-1840] -->
<h2 class="sectionedit6" id="use_it">Les utiliser</h2>
<div class="level2">
@ -172,9 +163,9 @@ Aller dans le manager, <code>Paramètres généraux</code> » <code>Paramètres
<p>
Les fonctions peuvent être utilisées dans une macro, un en-tête ou une règle d'accès, par exemple:
</p>
<pre class="code">Custom-Header =&gt; function1($uid)</pre>
<pre class="code">Custom-Header =&gt; function1( $uid, $ENV{REMOTE_ADDR} )</pre>
</div><!-- EDIT6 SECTION "Use it" [2131-] -->
</div><!-- EDIT6 SECTION "Use it" [1841-] -->
</div>
</body>
</html>

43
po-doc/fr/pages/documentation/current/extendedfunctions.html
View File

@ -63,6 +63,7 @@
<li class="level2"><div class="li"><a href="#groupmatch">groupMatch</a></div></li>
<li class="level2"><div class="li"><a href="#encrypt">encrypt</a></div></li>
<li class="level2"><div class="li"><a href="#token">token</a></div></li>
<li class="level2"><div class="li"><a href="#isinnet6">isInNet6</a></div></li>
</ul></li>
</ul>
</div>
@ -127,12 +128,18 @@ Dans cette cage, on peut accéder aux éléments suivants :
</li>
<li class="level2"><div class="li"> <a href="#groupmatch" title="documentation:2.0:extendedfunctions ↵" class="wikilink1">groupMatch</a></div>
</li>
<li class="level2"><div class="li"> <a href="#encrypt" title="documentation:2.0:extendedfunctions ↵" class="wikilink1">encrypt</a></div>
</li>
<li class="level2"><div class="li"> <a href="#token" title="documentation:2.0:extendedfunctions ↵" class="wikilink1">token</a></div>
</li>
<li class="level2"><div class="li"> <a href="#isinnet6" title="documentation:2.0:extendedfunctions ↵" class="wikilink1">isInNet6</a></div>
</li>
</ul>
</li>
</ul>
<div class="notetip">Pour en savoir plus sur la cage, consulter la <a href="http://perldoc.perl.org/Safe.html" class="urlextern" title="http://perldoc.perl.org/Safe.html" rel="nofollow">documentation du module Safe</a>.
</div>
</div><!-- EDIT2 SECTION "Presentation" [35-1192] -->
</div><!-- EDIT2 SECTION "Presentation" [35-1271] -->
<h2 class="sectionedit3" id="request_information">Request information</h2>
<div class="level2">
@ -159,12 +166,12 @@ Les données suivantes concernant la requête courante sont disponibles via les
</li>
</ul>
</div><!-- EDIT3 SECTION "Request information" [1193-1598] -->
</div><!-- EDIT3 SECTION "Request information" [1272-1677] -->
<h2 class="sectionedit4" id="extended_functions_list">Liste des fonctions étendues</h2>
<div class="level2">
</div><!-- EDIT4 SECTION "Extended Functions List" [1599-1635] -->
</div><!-- EDIT4 SECTION "Extended Functions List" [1678-1714] -->
<h3 class="sectionedit5" id="date">date</h3>
<div class="level3">
@ -174,7 +181,7 @@ Retourne la date au format AAAAMMJJHHMMSS, heure locale par défaut, GMT si dema
</p>
<pre class="code">date(1)</pre>
</div><!-- EDIT5 SECTION "date" [1636-1755] -->
</div><!-- EDIT5 SECTION "date" [1715-1834] -->
<h3 class="sectionedit6" id="checklogonhours">checkLogonHours</h3>
<div class="level3">
@ -229,7 +236,7 @@ Il est possible de modifier le comportement par défaut pour les utilisateurs ne
</p>
<pre class="code">checkLogonHours($ssoLogonHours, '', '', '1')</pre>
</div><!-- EDIT6 SECTION "checkLogonHours" [1756-3693] -->
</div><!-- EDIT6 SECTION "checkLogonHours" [1835-3772] -->
<h3 class="sectionedit7" id="checkdate">checkDate</h3>
<div class="level3">
@ -261,7 +268,7 @@ Exemple d'usage simple :
</p>
<pre class="code">checkDate($ssoStartDate, $ssoEndDate)</pre>
</div><!-- EDIT7 SECTION "checkDate" [3694-4321] -->
</div><!-- EDIT7 SECTION "checkDate" [3773-4400] -->
<h3 class="sectionedit8" id="basic">basic</h3>
<div class="level3">
@ -286,7 +293,7 @@ Exemple d'usage simple :
</p>
<pre class="code">basic($uid,$_password)</pre>
</div><!-- EDIT8 SECTION "basic" [4322-4784] -->
</div><!-- EDIT8 SECTION "basic" [4401-4863] -->
<h3 class="sectionedit9" id="unicode2iso">unicode2iso</h3>
<div class="level3">
@ -309,7 +316,7 @@ Exemple d'usage simple :
</p>
<pre class="code">unicode2iso($nom)</pre>
</div><!-- EDIT9 SECTION "unicode2iso" [4785-5089] -->
</div><!-- EDIT9 SECTION "unicode2iso" [4864-5168] -->
<h3 class="sectionedit10" id="iso2unicode">iso2unicode</h3>
<div class="level3">
@ -332,7 +339,7 @@ Exemple d'usage simple :
</p>
<pre class="code">iso2unicode($name)</pre>
</div><!-- EDIT10 SECTION "iso2unicode" [5090-5394] -->
</div><!-- EDIT10 SECTION "iso2unicode" [5169-5473] -->
<h3 class="sectionedit11" id="groupmatch">groupMatch</h3>
<div class="level3">
@ -360,7 +367,7 @@ Exemple d'usage simple :
</p>
<pre class="code">groupMatch($hGroups, 'description', 'Service 1')</pre>
</div><!-- EDIT11 SECTION "groupMatch" [5395-5753] -->
</div><!-- EDIT11 SECTION "groupMatch" [5474-5832] -->
<h3 class="sectionedit12" id="encrypt">encrypt</h3>
<div class="level3">
@ -374,7 +381,7 @@ This function uses the secret key of LLNG configuration to crypt a data. This ca
</p>
<pre class="code">encrypt($_whatToTrace)</pre>
</div><!-- EDIT12 SECTION "encrypt" [5754-6059] -->
</div><!-- EDIT12 SECTION "encrypt" [5833-6138] -->
<h3 class="sectionedit13" id="token">token</h3>
<div class="level3">
@ -386,7 +393,19 @@ This function generates token used to <a href="servertoserver.html" class="wikil
</p>
<pre class="code">token($_session_id,'webapp1.example.com','webapp2.example.com')</pre>
</div><!-- EDIT13 SECTION "token" [6060-] -->
</div><!-- EDIT13 SECTION "token" [6139-6343] -->
<h3 class="sectionedit14" id="isinnet6">isInNet6</h3>
<div class="level3">
<p>
Function to check if an IPv6 address is in a subnet. Example <em>check if <abbr title="Internet Protocol">IP</abbr> address is local</em>:
</p>
<pre class="code perl">isInNet6<span class="br0">(</span><span class="re0">$ipAddr</span><span class="sy0">,</span> <span class="st_h">'fe80::/10'</span><span class="br0">)</span></pre>
</div><!-- EDIT14 SECTION "isInNet6" [6344-] -->
</div>
</body>
</html>

94
po-doc/fr/pages/documentation/current/external2f.html Normal file
View File

@ -0,0 +1,94 @@
<!DOCTYPE html>
<html lang="fr" dir="ltr">
<head>
<meta http-equiv="content-type" content="text/html; charset=UTF-8">
<meta charset="utf-8" />
<title>documentation:2.0:external2f</title><!-- //if:usedebianlibs
<link rel="stylesheet" type="text/css" href="/javascript/bootstrap/css/bootstrap.min.css" />
//elsif:useexternallibs
<link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css"></script>
//elsif:cssminified
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,external2f"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="external2f.html"/>
<link rel="contents" href="external2f.html" title="Sitemap"/>
<link rel="stylesheet" type="text/css" href="lib/exe/css.php.t.bootstrap3.css"/>
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.css" />
<script type="text/javascript">/*<![CDATA[*/var NS='documentation:2.0';var JSINFO = {"id":"documentation:2.0:external2f","namespace":"documentation:2.0"};
/*!]]>*/</script>
<script type="text/javascript" charset="utf-8" src="lib/exe/js.php.t.bootstrap3.js"></script><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery/jquery.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/jquery-2.2.0.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.min.js"></script>
//else -->
<script type="text/javascript" src="/static/bwr/jquery/dist/jquery.js"></script><!-- //endif --><!-- //if:usedebianlibs
<script type="text/javascript" src="/javascript/jquery-ui/jquery-ui.min.js"></script>
//elsif:useexternallibs
<script type="text/javascript" src="http://code.jquery.com/ui/1.10.4/jquery-ui.min.js"></script>
//elsif:jsminified
<script type="text/javascript" src="/lib/scripts/jquery-ui.min.js"></script>
//else -->
<script type="text/javascript" src="/lib/scripts/jquery-ui.js"></script><!-- //endif -->
</head>
<body>
<div class="dokuwiki export container">
<h1 class="sectionedit1" id="external_second_factor">External Second Factor</h1>
<div class="level1">
<p>
This simple plugin can be used to add a second factor for authentication (SMS, OTP,…). It uses external commands to send and validate the second factor. You can use any language to call your 2nd factor system.
</p>
</div><!-- EDIT1 SECTION "External Second Factor" [1-251] -->
<h2 class="sectionedit2" id="commands">Commands</h2>
<div class="level2">
<p>
Commands received arguments on the command line and must return a 0 code if succeed, another else. <strong>Nothing must be written to STDOUT</strong>, STDERR is reported in logs <em>(but may be lost with FastCGI server)</em>.
</p>
</div><!-- EDIT2 SECTION "Commands" [252-483] -->
<h3 class="sectionedit3" id="configuration">Configuration</h3>
<div class="level3">
<p>
All parameters are configured in “General Parameters » Portal Parameters » Extensions » External 2nd Factor”.
</p>
<ul>
<li class="level1"><div class="li"> <strong>Activation</strong></div>
</li>
<li class="level1"><div class="li"> <strong>Send command</strong>: define your command using <em>$attribute</em> like in rules. Example: <code>/usr/local/bin/sendOtp uid $uid</code></div>
</li>
<li class="level1"><div class="li"> <strong>Validation command</strong>: you must also use <em>$code</em> which is the value entered by user; Example: <code>/usr/local/bin/verify uid $uid code $code</code></div>
</li>
<li class="level1"><div class="li"> <strong>Authentication Level</strong>: if you want to overwrite the value sent by your authentication module, you can define here the new authentication level. Example: 5</div>
</li>
</ul>
<div class="noteimportant">The command line is split in an array and launch with exec(). So you don't need to enclose arguments in “” and this protects your system against shell injection. However, you can not use any space except to separate arguments.
</div>
</div><!-- EDIT3 SECTION "Configuration" [484-] -->
</div>
</body>
</html>

20
po-doc/fr/pages/documentation/current/federationproxy.html
View File

@ -63,19 +63,25 @@ Ainsi on peut le configurer pour authentifier les utilisateurs en utilisant un p
</p>
<p>
Par exemple, un serveur <abbr title="LemonLDAP::NG">LL::NG</abbr> peut être :
Schemes validated:
</p>
<ul>
<li class="level1"><div class="li"> Un <a href="idpcas.html" class="wikilink1" title="documentation:2.0:idpcas"> serveur CAS</a> avec une <a href="authsaml.html" class="wikilink1" title="documentation:2.0:authsaml">authentification SAML</a></div>
<li class="level1"><div class="li"> <abbr title="Security Assertion Markup Language">SAML</abbr>-SP <strong></strong> LLNG as <a href="idpsaml.html" class="wikilink1" title="documentation:2.0:idpsaml">SAML</a>/<a href="authopenidconnect.html" class="wikilink1" title="documentation:2.0:authopenidconnect">OpenID-Connect</a> proxy <strong></strong> OIDC Provider</div>
</li>
<li class="level1"><div class="li"> Un <a href="idpopenid.html" class="wikilink1" title="documentation:2.0:idpopenid">serveur OpenID</a> avec une <a href="authcas.html" class="wikilink1" title="documentation:2.0:authcas">authentification CAS</a></div>
</li>
<li class="level1"><div class="li"> Un <a href="idpsaml.html" class="wikilink1" title="documentation:2.0:idpsaml">serveur SAML</a> avec une <a href="authopenid.html" class="wikilink1" title="documentation:2.0:authopenid">authentification OpenID</a></div>
</li>
<li class="level1"><div class="li"></div>
<li class="level1"><div class="li"> OIDC-RP <strong></strong> LLNG as <a href="idpopenidconnect.html" class="wikilink1" title="documentation:2.0:idpopenidconnect">OpenID-Connect</a>/<a href="authsaml.html" class="wikilink1" title="documentation:2.0:authsaml">SAML</a> proxy <strong></strong> <abbr title="Security Assertion Markup Language">SAML</abbr> Identity Provider</div>
</li>
</ul>
<p>
Note that OpenID-Connect consortium hasn't already defined single-logout initiated by OpenID-Connect Provider. LLNG will implement it when this standard will be published.
</p>
<div class="noteimportant">Development of federation can be complex. Don't hesitate to contact us on lemonldap-ng-users@ow2.org
</div>
<p>
Voir les chapîtres suivants :
</p>

21
po-doc/fr/pages/documentation/current/performances.html
View File

@ -216,10 +216,16 @@ Le portail est le composant le plus gros de Lemonldap::NG. Since version 2.0, it
<li class="level1"><div class="li"></div>
</li>
</ul>
<p>
By default it uses local storage to store its tokens. If you have more than 1 portal and if your load-balancer doesn't keep state, you have to disable this to use the global session storage <em>(General parameters » portal Parameters » Advanced Parameters » Forms)</em>. Note that this will decrease performances.
</p>
<div class="notetip">En environnement de production et pour de meilleures performances réseau, utiliser les versions compactées des librairies javascript et css : utiliser <code>make install <strong>PROD=yes</strong></code>. Ceci est fait par défaut avec les paquets RPM/DEB.
</div>
</div><!-- EDIT7 SECTION "General performances" [3645-4198] -->
</div><!-- EDIT7 SECTION "General performances" [3645-4511] -->
<h3 class="sectionedit8" id="apachesession_performances">Performances d'Apache::Session</h3>
<div class="level3">
@ -267,10 +273,11 @@ Index -&gt; ipAddr uid</pre>
<p>
Notez que Apache::Session::Browseable::MySQL n'utilise pas les verrous MySQL.
</p>
<div class="notetip">Un module <a href="https://metacpan.org/module/Apache::Session::Browseable::Redis" class="urlextern" title="https://metacpan.org/module/Apache::Session::Browseable::Redis" rel="nofollow">Apache::Session::Browseable::Redis</a> a été créé, c'est le plus rapide (excepté pour l'explorateur de sessions, battu par Apache::Session::Browseable::<a href="https://metacpan.org/module/Apache::Session::Browseable" class="urlextern" title="https://metacpan.org/module/Apache::Session::Browseable" rel="nofollow">DBI</a>/<a href="https://metacpan.org/module/Apache::Session::Browseable::LDAP" class="urlextern" title="https://metacpan.org/module/Apache::Session::Browseable::LDAP" rel="nofollow">LDAP</a> &gt;= 1.0)
<div class="notetip">A <a href="https://metacpan.org/module/Apache::Session::Browseable::Redis" class="urlextern" title="https://metacpan.org/module/Apache::Session::Browseable::Redis" rel="nofollow">Apache::Session::Browseable::Redis</a> has been created, it is the faster (except for session explorer, defeated by Apache::Session::Browseable::<a href="https://metacpan.org/module/Apache::Session::Browseable" class="urlextern" title="https://metacpan.org/module/Apache::Session::Browseable" rel="nofollow">DBI</a>/<a href="https://metacpan.org/module/Apache::Session::Browseable::LDAP" class="urlextern" title="https://metacpan.org/module/Apache::Session::Browseable::LDAP" rel="nofollow">LDAP</a> ≥ 1.0)
</div><div class="noteimportant">Certains modules Apache::Session ne sont pas utilisables par Lemonldap::NG tel Apache::Session::Memcached, car ce module n'offre pas de dispositif de parcours des sessions They does not allow one to use sessions explorer neither manage one-off sessions.
</div>
</div><!-- EDIT8 SECTION "Apache::Session performances" [4199-6555] -->
</div><!-- EDIT8 SECTION "Apache::Session performances" [4512-6869] -->
<h3 class="sectionedit9" id="ldap_performances">Performances LDAP</h3>
<div class="level3">
@ -307,12 +314,12 @@ Maintenant, ldapgroups contient “admin su”
</p>
</div>
</div><!-- EDIT9 SECTION "LDAP performances" [6556-7685] -->
</div><!-- EDIT9 SECTION "LDAP performances" [6870-7999] -->
<h2 class="sectionedit10" id="manager_performances">Performances du Manager</h2>
<div class="level2">
</div><!-- EDIT10 SECTION "Manager performances" [7686-7719] -->
</div><!-- EDIT10 SECTION "Manager performances" [8000-8033] -->
<h3 class="sectionedit11" id="disable_unused_modules">Désactiver les modules inutilisés</h3>
<div class="level3">
@ -323,7 +330,7 @@ In lemonldap-ng.ini, set only modules that you will use. By default, configurati
<pre class="code ini"><span class="re0"><span class="br0">[</span>manager<span class="br0">]</span></span>
<span class="re1">enabledModules</span> <span class="sy0">=</span><span class="re2"> conf, sessions</span></pre>
</div><!-- EDIT11 SECTION "Disable unused modules" [7720-7966] -->
</div><!-- EDIT11 SECTION "Disable unused modules" [8034-8280] -->
<h3 class="sectionedit12" id="use_static_html_files">Use static HTML files</h3>
<div class="level3">
@ -356,7 +363,7 @@ So manager <abbr title="HyperText Markup Language">HTML</abbr> templates will be
</p>
</div><!-- EDIT12 SECTION "Use static HTML files" [7967-] -->
</div><!-- EDIT12 SECTION "Use static HTML files" [8281-] -->
</div>
</body>
</html>

4
po-doc/fr/pages/documentation/current/restserverplugin
View File

@ -90,7 +90,7 @@
<form action="/start" accept-charset="utf-8" class="search" id="dw__search" method="get" role="search"><div class="no"><input type="hidden" name="do" value="search" /><input type="text" id="qsearch__in" accesskey="f" name="id" class="edit" title="[F]" /><input type="submit" value="Search" class="button" title="Search" /><div id="qsearch__out" class="ajax_qsearch JSpopup"></div></div></form>
<ul class="nav navbar-nav">
<li><a href="/documentation/2.0/restserverplugin?do=login&amp;sectok=378132ea54accc5c67c7c9ceda71bf59" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
<li><a href="/documentation/2.0/restserverplugin?do=login&amp;sectok=62a29c35a267f658799e362598e991b4" class="action login" rel="nofollow" title="Login"><i class="glyphicon glyphicon-log-in"></i> Login</a></li> </ul>
</div>
@ -204,7 +204,7 @@ You&#039;ve followed a link to a topic that doesn&#039;t exist yet. If permissio
</div><!-- /site -->
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Arestserverplugin&amp;1489508257" width="2" height="1" alt="" /></div>
<div class="no"><img src="/lib/exe/indexer.php?id=documentation%3A2.0%3Arestserverplugin&amp;1490850194" width="2" height="1" alt="" /></div>
<div id="screen__mode" class="no">
<span class="visible-xs"></span>
<span class="visible-sm"></span>

33
po-doc/fr/pages/documentation/current/start.html
View File

@ -11,7 +11,7 @@
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="robots" content="index,follow"/>
<meta name="keywords" content="documentation,2.0,start"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="start.html"/>
@ -238,7 +238,7 @@
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0"> <a href="authad.html" class="wikilink1" title="documentation:2.0:authad">Active Directory</a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 leftalign"> </td>
<td class="col0"> <a href="authad.html" class="wikilink1" title="documentation:2.0:authad">Active Directory</a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 centeralign"> </td>
</tr>
<tr class="row2 roweven">
<td class="col0"> <a href="authapache.html" class="wikilink1" title="documentation:2.0:authapache">Apache (Kerberos, NTLM, OTP, ...)</a> </td><td class="col1 centeralign"></td><td class="col2 leftalign"> </td><td class="col3 leftalign"> </td>
@ -324,13 +324,16 @@
<tr class="row29 rowodd">
<td class="col0"> <a href="u2f.html" class="wikilink1" title="documentation:2.0:u2f">U2F</a> </td><td class="col1 centeralign"></td><td class="col2"></td><td class="col3"></td>
</tr>
</table></div><!-- EDIT10 TABLE [2160-3733] -->
<tr class="row30 roweven">
<td class="col0"> <a href="external2f.html" class="wikilink1" title="documentation:2.0:external2f">External Second Factor</a> </td><td class="col1 centeralign"></td><td class="col2"></td><td class="col3"></td>
</tr>
</table></div><!-- EDIT10 TABLE [2160-3786] -->
<p>
</p></div></div>
</p>
</div><!-- EDIT9 SECTION "Authentication, users and password databases" [1987-3761] -->
</div><!-- EDIT9 SECTION "Authentication, users and password databases" [1987-3814] -->
<h3 class="sectionedit11" id="configuration_database">Base de données de la configuration</h3>
<div class="level3">
@ -365,14 +368,14 @@
<tr class="row5 rowodd">
<td class="col0 centeralign"> <a href="soapconfbackend.html" class="wikilink1" title="documentation:2.0:soapconfbackend">SOAP</a> </td><td class="col1 centeralign"></td><td class="col2 leftalign"> Backend proxy à utiliser avec un autre backend de configuration. <br/><strong>Peut être utilisé pour sécuriser un autre backend</strong> pour des serveurs distants. </td>
</tr>
</table></div><!-- EDIT12 TABLE [4036-4625] -->
</table></div><!-- EDIT12 TABLE [4089-4678] -->
<div class="notetip">On ne peut démarrer avec une configuration vide, il faut donc lire <a href="changeconfbackend.html" class="wikilink1" title="documentation:2.0:changeconfbackend">comment changer de backend de configuration</a> pour convertir une configuration existante en une autre.
</div>
<p>
</p></div></div>
</p>
</div><!-- EDIT11 SECTION "Configuration database" [3762-4841] -->
</div><!-- EDIT11 SECTION "Configuration database" [3815-4894] -->
<h3 class="sectionedit13" id="sessions_database">Base de données des sessions</h3>
<div class="level3">
@ -416,13 +419,13 @@ Les sessions sont stockées en utilisant les modules de la famille <a href="http
<tr class="row8 roweven">
<td class="col0 centeralign"> <a href="soapsessionbackend.html" class="wikilink1" title="documentation:2.0:soapsessionbackend">SOAP</a> </td><td class="col1 centeralign"></td><td class="col2 centeralign"></td><td class="col3 centeralign"></td><td class="col4 centeralign"></td><td class="col5 leftalign"> Backend proxy à utiliser avec un autre backend de sessions. <br/> <strong>Peut être utilisé pour sécuriser un autre backend</strong> pour des serveurs distants. </td>
</tr>
</table></div><!-- EDIT14 TABLE [5227-6885] -->
</table></div><!-- EDIT14 TABLE [5280-6938] -->
<p>
</p></div></div>
</p>
</div><!-- EDIT13 SECTION "Sessions database" [4842-6913] -->
</div><!-- EDIT13 SECTION "Sessions database" [4895-6966] -->
<h3 class="sectionedit15" id="identity_provider">Fournisseur d'identité</h3>
<div class="level3">
@ -456,7 +459,7 @@ Les sessions sont stockées en utilisant les modules de la famille <a href="http
</p></div></div>
</p>
</div><!-- EDIT15 SECTION "Identity provider" [6914-7458] -->
</div><!-- EDIT15 SECTION "Identity provider" [6967-7511] -->
<h2 class="sectionedit16" id="applications_protection">Protection des applications</h2>
<div class="level2">
@ -485,7 +488,7 @@ Les sessions sont stockées en utilisant les modules de la famille <a href="http
</p></div></div>
</p>
</div><!-- EDIT16 SECTION "Applications protection" [7459-7949] -->
</div><!-- EDIT16 SECTION "Applications protection" [7512-8002] -->
<h3 class="sectionedit17" id="well_known_compatible_applications">Well known compatible applications</h3>
<div class="level3">
@ -566,7 +569,7 @@ Les sessions sont stockées en utilisant les modules de la famille <a href="http
</p></div>
</p>
</div><!-- EDIT17 SECTION "Well known compatible applications" [7950-9723] -->
</div><!-- EDIT17 SECTION "Well known compatible applications" [8003-9776] -->
<h2 class="sectionedit18" id="advanced_features">Fonctionnalités avancées</h2>
<div class="level2">
@ -617,7 +620,7 @@ Les sessions sont stockées en utilisant les modules de la famille <a href="http
</p></div></div>
</p>
</div><!-- EDIT18 SECTION "Advanced features" [9724-10661] -->
</div><!-- EDIT18 SECTION "Advanced features" [9777-10714] -->
<h2 class="sectionedit19" id="mini_howtos">Mini howtos</h2>
<div class="level2">
@ -648,7 +651,7 @@ Les sessions sont stockées en utilisant les modules de la famille <a href="http
</p></div></div>
</p>
</div><!-- EDIT19 SECTION "Mini howtos" [10662-11331] -->
</div><!-- EDIT19 SECTION "Mini howtos" [10715-11384] -->
<h2 class="sectionedit20" id="exploitation">Exploitation</h2>
<div class="level2">
@ -681,7 +684,7 @@ Les sessions sont stockées en utilisant les modules de la famille <a href="http
</p></div></div>
</p>
</div><!-- EDIT20 SECTION "Exploitation" [11332-11752] -->
</div><!-- EDIT20 SECTION "Exploitation" [11385-11805] -->
<h2 class="sectionedit21" id="developer_corner">Developer corner</h2>
<div class="level2">
@ -740,7 +743,7 @@ To translate this doc (Manager help):
</li>
</ul>
</div><!-- EDIT21 SECTION "Developer corner" [11753-] -->
</div><!-- EDIT21 SECTION "Developer corner" [11806-] -->
</div>
</body>
</html>

22
po-doc/fr/pages/documentation/current/upgrade.html
View File

@ -11,7 +11,7 @@
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,upgrade"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="upgrade.html"/>
@ -135,11 +135,15 @@ Now, <a href="cda.html" class="wikilink1" title="documentation:2.0:cda">CDA</a>,
<h2 class="sectionedit6" id="rules_and_headers">Rules and headers</h2>
<div class="level2">
<ul>
<li class="level1"><div class="li"> pseudo variable <code>$ip</code> is replaced by <code><a href="extendedfunctions.html#request_information" class="wikilink1" title="documentation:2.0:extendedfunctions">remote_ip()</a></code> function in <a href="writingrulesand_headers.html" class="wikilink1" title="documentation:2.0:writingrulesand_headers">rules and headers</a>. Note that session variable <code>$ipAddr</code> <em>(remote address seen by portal)</em> is still available</div>
<li class="level1"><div class="li"> hostname() and remote_ip() are no more provided to avoid some name conflicts <em>(replaced by $ENV{})</em></div>
</li>
<li class="level1"><div class="li"> <code>$ENV{&lt;cgi_variable&gt;}</code> is now available everywhere: see <a href="writingrulesand_headers.html" class="wikilink1" title="documentation:2.0:writingrulesand_headers">Writing rules and headers</a></div>
</li>
<li class="level1"><div class="li"> some variable names have changed. See <a href="variables.html" class="wikilink1" title="documentation:2.0:variables">variables</a> document</div>
</li>
</ul>
</div><!-- EDIT6 SECTION "Rules and headers" [2203-2488] -->
</div><!-- EDIT6 SECTION "Rules and headers" [2203-2521] -->
<h2 class="sectionedit7" id="supported_servers">Supported servers</h2>
<div class="level2">
@ -148,7 +152,7 @@ Now, <a href="cda.html" class="wikilink1" title="documentation:2.0:cda">CDA</a>,
</li>
</ul>
</div><!-- EDIT7 SECTION "Supported servers" [2489-2634] -->
</div><!-- EDIT7 SECTION "Supported servers" [2522-2667] -->
<h2 class="sectionedit8" id="soaprest_services">SOAP/REST services</h2>
<div class="level2">
@ -165,12 +169,12 @@ Now, <a href="cda.html" class="wikilink1" title="documentation:2.0:cda">CDA</a>,
<div class="noteimportant"><a href="handlerauthbasic.html" class="wikilink1" title="documentation:2.0:handlerauthbasic">AuthBasic Handler</a> uses now REST services instead of SOAP.
</div>
</div><!-- EDIT8 SECTION "SOAP/REST services" [2635-3233] -->
</div><!-- EDIT8 SECTION "SOAP/REST services" [2668-3266] -->
<h2 class="sectionedit9" id="developer_corner">Developer corner</h2>
<div class="level2">
</div><!-- EDIT9 SECTION "Developer corner" [3234-3263] -->
</div><!-- EDIT9 SECTION "Developer corner" [3267-3296] -->
<h3 class="sectionedit10" id="apis">APIs</h3>
<div class="level3">
@ -181,7 +185,7 @@ Portal has now many REST features and includes a plugin <abbr title="Interface d
</p>
</div><!-- EDIT10 SECTION "APIs" [3264-3421] -->
</div><!-- EDIT10 SECTION "APIs" [3297-3454] -->
<h3 class="sectionedit11" id="portal_overview">Portal overview</h3>
<div class="level3">
@ -207,13 +211,13 @@ The request is a separated object based on Lemonldap::NG::Portal::Main::Request
</p>
</div><!-- EDIT11 SECTION "Portal overview" [3422-3869] -->
</div><!-- EDIT11 SECTION "Portal overview" [3455-3902] -->
<h3 class="sectionedit12" id="handler">Agent (Handler)</h3>
<div class="level3">
<div class="noteimportant">Handler libraries have been totally rewritten. If you've made custom handlers, they must be rewritten. See <a href="customhandlers.html" class="wikilink1" title="documentation:2.0:customhandlers">customhandlers</a>
</div>
</div><!-- EDIT12 SECTION "Handler" [3870-] -->
</div><!-- EDIT12 SECTION "Handler" [3903-] -->
</div>
</body>
</html>

48
po-doc/fr/pages/documentation/current/variables.html
View File

@ -215,17 +215,17 @@ Données concernant le processus d'authentification.
<td class="col0 leftalign"> _utime </td><td class="col1 leftalign"> Date et heure (timestamp) de la création de la session </td>
</tr>
<tr class="row2 roweven">
<td class="col0 leftalign"> startTime </td><td class="col1 leftalign"> Date et heure (timestamp) de la création de la session </td>
<td class="col0 leftalign"> _startTime </td><td class="col1 leftalign"> Date et heure (timestamp) de la création de la session </td>
</tr>
<tr class="row3 rowodd">
<td class="col0 leftalign"> updateTime </td><td class="col1 leftalign"> Date de la dernière modification de la session </td>
<td class="col0 leftalign"> _updateTime </td><td class="col1 leftalign"> Date de la dernière modification de la session </td>
</tr>
<tr class="row4 roweven">
<td class="col0"> _lastAuthnUTime </td><td class="col1 leftalign"> Date et heure (timestamp) de la dernière authentification </td>
</tr>
</table></div><!-- EDIT10 TABLE [2160-2387] -->
</table></div><!-- EDIT10 TABLE [2160-2389] -->
</div><!-- EDIT9 SECTION "Dates" [2141-2388] -->
</div><!-- EDIT9 SECTION "Dates" [2141-2390] -->
<h2 class="sectionedit11" id="saml">SAML</h2>
<div class="level2">
@ -254,9 +254,9 @@ Donnée relative au protocole <abbr title="Security Assertion Markup Language">S
<tr class="row5 rowodd">
<td class="col0 leftalign"> _lassoIdentityDump </td><td class="col1 leftalign"> Dump de l'identité Lasso </td>
</tr>
</table></div><!-- EDIT12 TABLE [2439-2704] -->
</table></div><!-- EDIT12 TABLE [2441-2706] -->
</div><!-- EDIT11 SECTION "SAML" [2389-2705] -->
</div><!-- EDIT11 SECTION "SAML" [2391-2707] -->
<h2 class="sectionedit13" id="notifications">Notifications</h2>
<div class="level2">
@ -269,9 +269,9 @@ Donnée relative au protocole <abbr title="Security Assertion Markup Language">S
<tr class="row1 rowodd">
<td class="col0 leftalign"> _notification_<em>id</em> </td><td class="col1 leftalign"> Date de validation de la notification <em>id</em> </td>
</tr>
</table></div><!-- EDIT14 TABLE [2733-2833] -->
</table></div><!-- EDIT14 TABLE [2735-2835] -->
</div><!-- EDIT13 SECTION "Notifications" [2706-2834] -->
</div><!-- EDIT13 SECTION "Notifications" [2708-2836] -->
<h2 class="sectionedit15" id="login_history">Historique de connexion</h2>
<div class="level2">
@ -282,11 +282,11 @@ Donnée relative au protocole <abbr title="Security Assertion Markup Language">S
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 leftalign"> loginHistory </td><td class="col1 leftalign"> Table des connexion réussies ou échouées </td>
<td class="col0 leftalign"> _loginHistory </td><td class="col1 leftalign"> Table des connexion réussies ou échouées </td>
</tr>
</table></div><!-- EDIT16 TABLE [2862-2943] -->
</table></div><!-- EDIT16 TABLE [2864-2946] -->
</div><!-- EDIT15 SECTION "Login history" [2835-2944] -->
</div><!-- EDIT15 SECTION "Login history" [2837-2947] -->
<h2 class="sectionedit17" id="ldap">LDAP</h2>
<div class="level2">
@ -303,11 +303,11 @@ Only with UserDB LDAP.
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 leftalign"> dn </td><td class="col1"> Nom distinct (distinguished name) </td>
<td class="col0 leftalign"> _dn </td><td class="col1"> Nom distinct (distinguished name) </td>
</tr>
</table></div><!-- EDIT18 TABLE [2987-3041] -->
</table></div><!-- EDIT18 TABLE [2990-3045] -->
</div><!-- EDIT17 SECTION "LDAP" [2945-3042] -->
</div><!-- EDIT17 SECTION "LDAP" [2948-3046] -->
<h2 class="sectionedit19" id="openid">OpenID</h2>
<div class="level2">
@ -320,9 +320,9 @@ Only with UserDB LDAP.
<tr class="row1 rowodd">
<td class="col0 leftalign"> _openid_<em>id</em> </td><td class="col1 leftalign"> Consentement de partage de l'attribut <em>id</em> via OpenID </td>
</tr>
</table></div><!-- EDIT20 TABLE [3063-3159] -->
</table></div><!-- EDIT20 TABLE [3067-3163] -->
</div><!-- EDIT19 SECTION "OpenID" [3043-3160] -->
</div><!-- EDIT19 SECTION "OpenID" [3047-3164] -->
<h2 class="sectionedit21" id="openid_connect">OpenID Connect</h2>
<div class="level2">
@ -333,13 +333,13 @@ Only with UserDB LDAP.
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 leftalign"> OpenIDConnect_IDToken </td><td class="col1 leftalign"> ID Token </td>
<td class="col0 leftalign"> _oidc_id_token </td><td class="col1 leftalign"> ID Token </td>
</tr>
<tr class="row2 roweven">
<td class="col0 leftalign"> OpenIDConnect_OP </td><td class="col1 leftalign"> Configuration key of OP used for authentication </td>
<td class="col0 leftalign"> _oidc_OP </td><td class="col1 leftalign"> Configuration key of OP used for authentication </td>
</tr>
<tr class="row3 rowodd">
<td class="col0 leftalign"> OpenIDConnect_access_token </td><td class="col1 leftalign"> OAuth2 Access Token used to get UserInfo data </td>
<td class="col0 leftalign"> _oidc_access_token </td><td class="col1 leftalign"> OAuth2 Access Token used to get UserInfo data </td>
</tr>
<tr class="row4 roweven">
<td class="col0"> _oidc_consent_scope_<em>rp</em> </td><td class="col1 leftalign"> Scope for which consent was given for RP <em>rp</em> </td>
@ -347,9 +347,9 @@ Only with UserDB LDAP.
<tr class="row5 rowodd">
<td class="col0"> _oidc_consent_time_<em>rp</em> </td><td class="col1 leftalign"> Time when consent was given for RP <em>rp</em> </td>
</tr>
</table></div><!-- EDIT22 TABLE [3189-3564] -->
</table></div><!-- EDIT22 TABLE [3193-3545] -->
</div><!-- EDIT21 SECTION "OpenID Connect" [3161-3565] -->
</div><!-- EDIT21 SECTION "OpenID Connect" [3165-3546] -->
<h2 class="sectionedit23" id="other">Autres</h2>
<div class="level2">
@ -360,14 +360,14 @@ Only with UserDB LDAP.
</tr>
</thead>
<tr class="row1 rowodd">
<td class="col0 leftalign"> appsListOrder </td><td class="col1 leftalign"> Ordre des catégories dans le menu </td>
<td class="col0 leftalign"> _appsListOrder </td><td class="col1 leftalign"> Ordre des catégories dans le menu </td>
</tr>
<tr class="row2 roweven">
<td class="col0 leftalign"> _session_kind </td><td class="col1 leftalign"> Type of session (<abbr title="Authentification unique (Single Sign On)">SSO</abbr>, Persistent, …) </td>
</tr>
</table></div><!-- EDIT24 TABLE [3585-3725] -->
</table></div><!-- EDIT24 TABLE [3566-3707] -->
</div><!-- EDIT23 SECTION "Other" [3566-] -->
</div><!-- EDIT23 SECTION "Other" [3547-] -->
</div>
</body>
</html>

102
po-doc/fr/pages/documentation/current/writingrulesand_headers.html
View File

@ -11,7 +11,7 @@
<link rel="stylesheet" type="text/css" href="/static/bwr/bootstrap/dist/css/bootstrap.min.css" />
//else --><!-- //endif -->
<meta name="generator" content="DokuWiki"/>
<meta name="robots" content="index,follow"/>
<meta name="robots" content="noindex,nofollow"/>
<meta name="keywords" content="documentation,2.0,writingrulesand_headers"/>
<link rel="search" type="application/opensearchdescription+xml" href="lib/exe/opensearch.html" title="LemonLDAP::NG"/>
<link rel="start" href="writingrulesand_headers.html"/>
@ -50,7 +50,12 @@
<div>
<ul class="toc">
<li class="level1"><div class="li"><a href="#rules">Règles</a></div></li>
<li class="level1"><div class="li"><a href="#available_env_variables">Available $ENV{} variables</a></div></li>
<li class="level1"><div class="li"><a href="#rules">Règles</a></div>
<ul class="toc">
<li class="level2"><div class="li"><a href="#rules_on_authentication_level">Rules on authentication level</a></div></li>
</ul>
</li>
<li class="level1"><div class="li"><a href="#headers">En-têtes</a></div></li>
<li class="level1"><div class="li"><a href="#available_functions">Available functions</a></div></li>
</ul>
@ -64,17 +69,43 @@
<p>
Lemonldap::NG gère les applications par leurs noms d'hôtes(hôtes virtuels d'Apache). Rules are used to protect applications, headers are HTTP headers added to the request to give datas to the application (for logs, profiles,…).
</p>
<div class="noteimportant">Noter que les variables designées par $xx correspondent au nom de <a href="exportedvars.html" class="wikilink1" title="documentation:2.0:exportedvars">variables exportées</a> ou de <a href="performances.html#macros_and_groups" class="wikilink1" title="documentation:2.0:performances">noms de macro</a>.
<div class="noteimportant">Note that variables designed by $xx correspond to the name of the <a href="exportedvars.html" class="wikilink1" title="documentation:2.0:exportedvars">exported variables</a> or <a href="performances.html#macros_and_groups" class="wikilink1" title="documentation:2.0:performances">macro names</a> except for <code>$ENV{&lt;cgi-header&gt;}</code> which correspond to CGI header <em>(<code>$ENV{REMOTE_ADDR}</code> for example)</em>.
</div>
</div><!-- EDIT1 SECTION "Writing rules and headers" [1-546] -->
<h2 class="sectionedit2" id="available_env_variables">Available $ENV{} variables</h2>
<div class="level2">
<p>
The %ENV table provides:
</p>
<ul>
<li class="level1"><div class="li"> all headers in CGI format <em>(<code>User-Agent</code> becomes <code>HTTP_USER_AGENT</code>)</em></div>
</li>
<li class="level1"><div class="li"> some CGI variables depending on the context:</div>
<ul>
<li class="level2"><div class="li"> For portal: all CGI standard variables <em>(you can add custom headers using <code>fastcgi_param</code> with Nginx)</em>,</div>
</li>
<li class="level2"><div class="li"> For Apache handler: REMOTE_ADDR, QUERY_STRING, REQUEST_<abbr title="Uniform Resource Identifier">URI</abbr>, SERVER_PORT, REQUEST_METHOD,</div>
</li>
<li class="level2"><div class="li"> For Nginx handler: all variables given by <code>fastcgi_param</code> commands.</div>
</li>
</ul>
</li>
</ul>
<p>
See also <a href="extendedfunctions.html" class="wikilink1" title="documentation:2.0:extendedfunctions">extended functions</a>.
</p>
</div><!-- EDIT1 SECTION "Writing rules and headers" [1-492] -->
</div><!-- EDIT2 SECTION "Available $ENV{} variables" [547-1077] -->
<h2 class="sectionedit2" id="rules">Règles</h2>
<h2 class="sectionedit3" id="rules">Règles</h2>
<div class="level2">
<p>
@ -90,7 +121,7 @@ A rule associates a <a href="http://en.wikipedia.org/wiki/Perl_Compatible_Regula
<p>
Exemples :
</p>
<div class="table sectionedit3"><table class="inline table table-bordered table-striped">
<div class="table sectionedit4"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> But </th><th class="col1 centeralign"> Expression régulière </th><th class="col2 centeralign"> Règle </th>
@ -114,7 +145,7 @@ Exemples :
<tr class="row6 roweven">
<td class="col0 leftalign"> Restrict access to the whole site to users that have the LDAP description field set to “LDAP administrator” (must be set in exported variables) </td><td class="col1 centeralign"> default </td><td class="col2 centeralign"> $description&nbsp;eq&nbsp;"LDAP&nbsp;administrator" </td>
</tr>
</table></div><!-- EDIT3 TABLE [715-1558] -->
</table></div><!-- EDIT4 TABLE [1300-2143] -->
<p>
La règle d'accès “<strong>default</strong>” est utilisée si aucune règle ne correspond à l'<abbr title="Uniform Resource Locator">URL</abbr> courante.
@ -130,7 +161,7 @@ La règle d'accès “<strong>default</strong>” est utilisée si aucune règle
<p>
Les règles peuvent également être utilisées pour intercepter les <abbr title="Uniform Resource Locator">URL</abbr> de déconnexion :
</p>
<div class="table sectionedit4"><table class="inline table table-bordered table-striped">
<div class="table sectionedit5"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> But </th><th class="col1 centeralign"> Expression régulière </th><th class="col2 centeralign"> Règle </th>
@ -145,16 +176,55 @@ Les règles peuvent également être utilisées pour intercepter les <abbr title
<tr class="row3 rowodd">
<td class="col0"> Logout user from current application and from Lemonldap::NG and redirect it to http://intranet/ <strong><em>(Apache only)</em></strong> </td><td class="col1 centeralign"> ^/index.php\?logout </td><td class="col2 centeralign"> logout_app_sso&nbsp;http://intranet/ </td>
</tr>
</table></div><!-- EDIT4 TABLE [2052-2700] -->
</table></div><!-- EDIT5 TABLE [2637-3285] -->
<p>
Par défaut, l'utilisateur est redirigé vers le portail si aucune <abbr title="Uniform Resource Locator">URL</abbr> n'est définie ou vers l'<abbr title="Uniform Resource Locator">URL</abbr> indiquée sinon.
</p>
<div class="noteimportant">Seule l'application est concernée par les cibles logout_app*. Faire attention avec certaines applications qui ne vérifient pas les en-têtes Lemonldap::NG après avoir créé leurs propres cookies. Dans ce cas, il faut rediriger les utilisateurs vers une page <abbr title="HyperText Markup Language">HTML</abbr> qui explique qu'il est préférable de clore son navigateur après déconnexion.
</div>
</div><!-- EDIT2 SECTION "Rules" [493-3111] -->
</div><!-- EDIT3 SECTION "Rules" [1078-3696] -->
<h2 class="sectionedit5" id="headers">En-têtes</h2>
<h3 class="sectionedit6" id="rules_on_authentication_level">Rules on authentication level</h3>
<div class="level3">
<p>
LLNG set an “authentication level” during authentication process. This level is the value of the authentication backend used for this user. Default values are:
</p>
<ul>
<li class="level1"><div class="li"> 0 for <a href="authnull.html" class="wikilink1" title="documentation:2.0:authnull">Null</a></div>
</li>
<li class="level1"><div class="li"> 1 for <a href="authcas.html" class="wikilink1" title="documentation:2.0:authcas">CAS</a>, <a href="authopenid.html" class="wikilink1" title="documentation:2.0:authopenid">old OpenID-2</a>, <a href="authfacebook.html" class="wikilink1" title="documentation:2.0:authfacebook">Facebook</a>,…</div>
</li>
<li class="level1"><div class="li"> 2 for web-form based authentication <em>(<a href="authldap.html" class="wikilink1" title="documentation:2.0:authldap">LDAP</a>, <a href="authdbi.html" class="wikilink1" title="documentation:2.0:authdbi">DBI</a>,…)</em></div>
</li>
<li class="level1"><div class="li"> 3 for <a href="authyubikey.html" class="wikilink1" title="documentation:2.0:authyubikey">Yubikey</a></div>
</li>
<li class="level1"><div class="li"> 4 for <a href="authapache.html" class="wikilink1" title="documentation:2.0:authapache">Kerberos</a></div>
</li>
<li class="level1"><div class="li"> 5 for <a href="authssl.html" class="wikilink1" title="documentation:2.0:authssl">SSL</a></div>
</li>
</ul>
<p>
There are two way to impose users to have a high authentication level:
</p>
<ul>
<li class="level1"><div class="li"> writing a rule based en authentication level: <code>$authenticationLevel &gt; 3</code></div>
</li>
<li class="level1"><div class="li"> since 2.0, set a minimum level in virtual host options</div>
</li>
</ul>
<div class="notetip">Instead of returning a 403 code, “minimum level” returns user to a form that explain that a higher level is required and propose to user to reauthenticate itself.
</div>
</div><!-- EDIT6 SECTION "Rules on authentication level" [3697-4582] -->
<h2 class="sectionedit7" id="headers">En-têtes</h2>
<div class="level2">
<p>
@ -164,7 +234,7 @@ Les en-têtes sont des associations entre un nom d'en-tête et une expression pe
<p>
Exemples :
</p>
<div class="table sectionedit6"><table class="inline table table-bordered table-striped">
<div class="table sectionedit8"><table class="inline table table-bordered table-striped">
<thead>
<tr class="row0 roweven">
<th class="col0 centeralign"> But </th><th class="col1 centeralign"> Nom d'en-tête </th><th class="col2 centeralign"> Valeur d'en-tête </th>
@ -182,7 +252,7 @@ Exemples :
<tr class="row4 roweven">
<td class="col0 leftalign"> Done une valeur non-ascii </td><td class="col1 centeralign"> Display-Name </td><td class="col2 centeralign"> encode_base64($givenName."&nbsp;".$surName) </td>
</tr>
</table></div><!-- EDIT6 TABLE [3295-3628] -->
</table></div><!-- EDIT8 TABLE [4766-5099] -->
<p>
Comme indiqué au <a href="performances.html#handler_performance" class="wikilink1" title="documentation:2.0:performances">chapître performances</a>, on peut utiliser des macros, macros locales,…
@ -198,9 +268,9 @@ Comme indiqué au <a href="performances.html#handler_performance" class="wikilin
<pre class="code">Session-ID =&gt; $_session_id</pre>
</div>
</div><!-- EDIT5 SECTION "Headers" [3112-4161] -->
</div><!-- EDIT7 SECTION "Headers" [4583-5632] -->
<h2 class="sectionedit7" id="available_functions">Available functions</h2>
<h2 class="sectionedit9" id="available_functions">Available functions</h2>
<div class="level2">
<p>
@ -215,7 +285,7 @@ In addition to macros and name, you can use some functions in rules and headers:
</li>
</ul>
</div><!-- EDIT7 SECTION "Available functions" [4162-] -->
</div><!-- EDIT9 SECTION "Available functions" [5633-] -->
</div>
</body>
</html>